www.walla.co.il Open in urlscan Pro
52.222.236.78 Public Scan

URL: https://mail.walla.co.il/

URL: https://fantasy-sport1.walla.co.il/?utm_source=app&utm_medium=hamburger&utm_campaign=RM_WallaSport
Title: ליגת החלומותלמשחק הרשמי

URL: https://news.walla.co.il/
Title: חדשות

URL: https://elections.walla.co.il/
Title: בחירות 2022

URL: https://sports.walla.co.il/
Title: ספורט

URL: https://finance.walla.co.il/
Title: כסף

URL: https://e.walla.co.il/
Title: תרבות

URL: https://celebs.walla.co.il/
Title: סלבס

URL: https://food.walla.co.il/
Title: אוכל

URL: https://fashion.walla.co.il/
Title: אופנה

URL: https://healthy.walla.co.il/
Title: בריאות

URL: https://travel.walla.co.il/
Title: תיירות

URL: https://tech.walla.co.il/
Title: טכנולוגיה

URL: https://cars.walla.co.il/
Title: רכב

URL: https://www.sheee.co.il/
Title: Sheee

URL: https://nadlan.walla.co.il/
Title: נדל"ן

URL: https://www.wallashops.co.il/?utm_source=wallahp1&utm_medium=walla&utm_campaign=hpnemalakniut_1
Title: קניות

URL: https://www.drushim.co.il/
Title: דרושים

URL: https://www.yad2.co.il/?utm_source=walla&utm_medium=logo

URL: https://b.walla.co.il/
Title: ברנז'ה

URL: https://marketing.walla.co.il/
Title: שיווק ודיגיטל

URL: https://mekomi.walla.co.il/
Title: מקומי

URL: https://home.walla.co.il/
Title: בית

URL: https://horoscope.walla.co.il/zodiacs
Title: הורוסקופ

URL: https://gaming.walla.co.il/
Title: גיימינג

URL: https://fun.walla.co.il/
Title: משחקים

URL: https://healthy.walla.co.il/category/594
Title: הורות וילדים

URL: https://judaism.walla.co.il/
Title: יהדות

URL: https://law.walla.co.il/
Title: משפטי

URL: https://mazaltov.walla.co.il/
Title: וואלה! מזל טוב

URL: https://now.walla.co.il/
Title: NOW

URL: https://calendar.walla.co.il/
Title: לוח שנה

URL: https://tv-guide.walla.co.il/
Title: לוח שידורים

URL: https://walla.co.il/shabbat-times
Title: כניסת שבת

URL: https://www.b144.co.il/?sitecode=10&subsitecode=1406&site=walla&utm_source=walla&utm_medium=header
Title: B144

URL: https://mazaltov.walla.co.il/weddingdresses/
Title: שמלות כלה

URL: https://tld.walla.co.il/
Title: טוב לדעת

URL: https://beauty.walla.co.il/
Title: ביוטי

URL: https://perfectmatch.walla.co.il/
Title: חיבורים מושלמים

URL: https://mumlazim.walla.co.il/
Title: מומלצים

URL: https://b144.walla.co.il/
Title: עסקים קטנים

URL: https://yoram.walla.co.il/
Title: לימודים

URL: https://career.walla.co.il/
Title: חיפוש עבודה

URL: https://paisculture.walla.co.il/
Title: פיס בתרבות

URL: https://tmirecycle.walla.co.il/
Title: קיץ של מחזור

URL: https://starkist.walla.co.il/
Title: כל מה שטוב בטונה

URL: https://dogsandcats.walla.co.il/
Title: כלבים וחתולים

URL: https://galil.walla.co.il/
Title: גליל, תשאלו כל דחליל

URL: https://yarokkl.walla.co.il/
Title: שומרים על כדור הארץ

URL: https://www.wallashops.co.il/%D7%93%D7%99%D7%9C-%D7%99%D7%95%D7%9E%D7%99?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=dilyomi
Title: דיל יומי

URL: https://www.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=wallashops
Title: וואלה!שופס

URL: https://www.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=mivtzeim
Title: מבצעים

URL: https://www.wallatours.co.il/zimmer/
Title: צימרים

URL: https://www.wallaprint.co.il/?utm_source=WALLA&utm_medium=HP&utm_campaign=PRINTtext
Title: אלבומים

URL: https://tld.walla.co.il/category/13221
Title: weshow

URL: https://vod.walla.co.il/movies
Title: סרטים

URL: https://vod.walla.co.il/tvshows
Title: סדרות

URL: https://viva.walla.co.il/
Title: ויוה

URL: https://www.facebook.com/wallanews

URL: https://twitter.com/WallaNews

URL: https://www.instagram.com/wallanews/

URL: https://www.tiktok.com/@walla.news

URL: https://help.walla.co.il/
Title: עזרה

URL: https://help.walla.co.il/section/12344
Title: כתבו לנו

URL: https://dcx.walla.co.il/walla/terms/terms.pdf
Title: תנאי שימוש

URL: https://dcx.walla.co.il/walla_news_files/a516a87cfcaef229b342c437fe2b95f7.pdf
Title: מדיניות פרטיות

URL: https://apps.walla.co.il/
Title: אפליקציות

URL: https://www.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=kniyot
Title: קניות

URL: https://bit.ly/3tk0q7d
Title: קניות!באילת

URL: https://bit.ly/3cy45s1
Title: וואלה!פרינט

URL: https://healthy.walla.co.il/category/13034
Title: הורים טריים

URL: https://horoscope.walla.co.il/
Title: הורוסקופ

URL: https://vod.walla.co.il/hot
Title: HOT VOD

URL: https://news.walla.co.il/breaking
Title: מבזקי חדשות

URL: https://news.walla.co.il/break/3531441
Title: 12:00ביהמ"ש גזר 10 שנות מאסר לצעיר שאנס שתי חיילות באילת

URL: https://news.walla.co.il/break/3531434
Title: 11:53מחדל ההפריה באסותא: משרד הבריאות מינה ועדת בדיקה

URL: https://news.walla.co.il/break/3531400
Title: 11:46חייל נפצע בינוני בהתהפכות רכב צה"ל בדרום הארץ

URL: https://news.walla.co.il/break/3531432
Title: 11:37פועל בן 35 נהרג לאחר שנפל מגובה באתר בנייה בביתר עילית

URL: https://news.walla.co.il/break/3531418
Title: 10:58שני צעירים ממזרח י-ם נעצרו בחשד שזרקו בקבוקי תבערה מבית חולים

URL: https://news.walla.co.il/break/3531445
Title: 12:19רוכב אופנוע נהרג מפגיעת מיניבוס סמוך לבאר שבע

URL: https://bit.ly/3QIYsbr

URL: https://news.walla.co.il/item/3531437

URL: https://news.walla.co.il/item/3531313
Title: משוגעים, רדו מהגגאסון ידוע מראש: פעלולי הפארקור שהסתיימו בטרגדיה

URL: https://finance.walla.co.il/item/3531396
Title: שהעשירים ייהנוטונה סטארקיסט קיבלה מתנת חג מפנקת. אנחנו נשלם

URL: https://celebs.walla.co.il/item/3531435
Title: צפוואז שאלנו את שרית פולק משהו קטן (מאוד) על סטטיק

URL: https://paisculture.walla.co.il/item/3530440
Title: בשיתוף מפעל הפיס, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.תומר שרון: "קיבלתי איומים ומכות בגלל פוסטים שכתבתי, היו מקרים שחששתי לחיי"בשיתוף מפעל הפיס

URL: https://sports.walla.co.il/item/3531371
Title: בחצות תהפוך לזריהלום בחיתוך טיפה: השעון הקצרצר של אוסקר ומיטש

URL: https://food.walla.co.il/item/3530992
Title: פיתה-פיתה-פיתהוהמחיר, אוי המחיר: מסע בבירת השווארמה של ישראל

URL: https://fashion.walla.co.il/item/3530998
Title: עכשיו זה קורהחגיגית, אבל מהממת: 9 המלצות שופינג שוות לראש השנה

URL: https://healthy.walla.co.il/item/3528840
Title: בשיתוף JAMA, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.כן קרה כלום: למה חשוב לתת תוקף למה שהילדים מרגישים?בשיתוף JAMA

URL: https://food.walla.co.il/category/13238
Title: כל המנות, כל המתכונים: מה מכינים לערב ראש השנה?

URL: https://travel.walla.co.il/category/13234
Title: מדריך הטיולים והאירועים של החגים

URL: https://finance.walla.co.il/item/3530874
Title: לא אצל החרדים: הסופר שיחסוך לכם 200 שקל מהעגלהד"ר חזי גור מזרחי

URL: https://tld.walla.co.il/item/3495186
Title: לנצח את הכאב בלי חשש: בי-קיור לייזר במבצע התנסות חסר תקדיםמוגש מטעם בי קיור לייזר

URL: https://www.outbrain.com/what-is/default/he

URL: https://news.walla.co.il/item/3531415
Title: מחדל ההפריה באסותא: משרד הבריאות מינה ועדת בדיקה

URL: https://news.walla.co.il/item/3531391
Title: מתי נגיע ל-10 מיליון תושבים, ולכמה ישראלים יש דירה?

URL: https://news.walla.co.il/item/3531386
Title: בעקבות פודקסאט: גבר שהורשע ברצח חברתו שוחרר אחרי 23 שנה

URL: https://news.walla.co.il/item/3531372
Title: דיווח: מפקד יחידת משטרת המוסר האיראנית הושעה מתפקידו

URL: https://news.walla.co.il/item/3531206
Title: ויליאם והארי בחזית מאוחדת לכבוד המלכה - למרות הקרע

URL: https://news.walla.co.il/item/3530962
Title: "מוות לדיקטטור": הפגנות ועימותים עם המשטרה לאחר מותה של צעירה באיראן

URL: https://elections.walla.co.il/category/13220
Title: טורים

URL: https://elections.walla.co.il/category/13222
Title: לא מצונזר

URL: https://elections.walla.co.il/category/13216
Title: אולפן וואלה

URL: https://elections.walla.co.il/category/13217
Title: כל הכתבות

URL: https://elections.walla.co.il/item/3531348
Title: תוצאות הבחירות בבליך: לפיד שותה קולות לגלאון, הדר מוכתר קרובה לאחוז החסימה

URL: https://elections.walla.co.il/item/3531390
Title: האם הוא צריך בכלל להיות במרצ? ח"כ אמיר אוחנה בלי צנזורה

URL: https://elections.walla.co.il/item/3531144
Title: שקרנית וצבועה או השראה לצעירים - מה הציבור חושב על הדר מוכתר?

URL: https://elections.walla.co.il/item/3531047
Title: גדעון סער פוסל ישיבה בממשלה עם טיבי ועודה: "דעות אנטי-ישראליות"

URL: https://news.walla.co.il/category/5108
Title: אסור לפספס

URL: https://fashion.walla.co.il/item/3531149
Title: מסר מתריס למלכה הסתתר על סוליית הנעל של מייגן מרקל?

URL: https://travel.walla.co.il/item/3526218
Title: הצצה לבית קברות איראני עם מצבות בצורת... אתם יודעים מה

URL: https://tld.walla.co.il/item/3413611
Title: מוגש מטעם בי קיור לייזר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בי-קיור לייזר - האם זה באמת עוזר להעלים כאבים?מוגש מטעם בי קיור לייזר

URL: https://www.sheee.co.il/item/3527268
Title: דוגמנית הותקפה מינית בסופר: "את ביקשת את זה"

URL: https://sports.walla.co.il/item/3531295
Title: בלי מים ואוויר, בלי סקס ואלכוהול: "אסון המונדיאל" כבר בדרך

URL: https://sports.walla.co.il/item/3531422
Title: רק לא למכבי חיפה: ההחלטה הייחודית של הפועל באר שבע

URL: https://sport1.maariv.co.il/square/article/954254/
Title: ג'ורדי מרטין הימם את עולם הבידור: "פיקה בגד עם בר רפאלי"

URL: https://sports.walla.co.il/item/3531100
Title: השדר שסירב לנקוב בשמם של שחקני מכבי חיפה הפך ל"גיבור"

URL: https://sports.walla.co.il/item/3530828
Title: "אאנוס בברוטאליות": עמוס לוזון, עומר אדם ואייל גולן בסערה

URL: https://tld.walla.co.il/item/3446048?lm_supplier=16893&lm_bc=9857
Title: מוגש מטעם א.ד. הזכויות בע"מ, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מגיע לכם תו חניית נכה? ככה תשיגו אותו (תוכן מקודם)מוגש מטעם א.ד. הזכויות בע"מ

URL: https://tld.walla.co.il/item/3373407?lm_supplier=16893&lm_bc=9857
Title: מוגש מטעם "גברא", הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הסוד לשיפור חיי המין שלכם – כעת במבצע מיוחד (תוכן מקודם)מוגש מטעם "גברא"

URL: https://tld.walla.co.il/item/3512046
Title: מוגש מטעם בי קיור לייזר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מהפכת טיפולי הפנים: בינה מלאכותית במכשיר ביתי (תוכן מקודם)מוגש מטעם בי קיור לייזר

URL: https://fantasy-sport1.walla.co.il/?utm_source=WallaDesktop&utm_medium=bannerHP&utm_campaign=RM_WallaSport

URL: https://e.walla.co.il/item/3531185
Title: האמת היא שמזמן לא נהניתי כמו שנהניתי מהדוקו על שלמה ארצי

URL: https://e.walla.co.il/item/3530799
Title: כיף לצאת מהקולנוע עם חיוך. הכל בזכות הסרט הנפלא הזה

URL: https://e.walla.co.il/item/3531215
Title: זה מתחיל כמו בילוי שמח בחוף הים. אט אט נחשף גודל האסון

URL: https://e.walla.co.il/item/3513347
Title: בשיתוף רכבת ישראל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.המנגינה שאי אפשר להפסיק: 5 תחנות רכבת, 5 פסנתרנים, 5 סיפורים מרגשיםבשיתוף רכבת ישראל

URL: https://law.walla.co.il/item/3528855
Title: בשיתוף zap משפטי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.חושדים בבגידה? עשו ואל תעשו ברגעי האמתבשיתוף zap משפטי

URL: https://law.walla.co.il/item/3528943
Title: בשיתוף zap משפטי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית."ליווי משפטי מקצועי במקרה של תאונת עבודה מקצר ומייעל תהליכים"בשיתוף zap משפטי

URL: https://law.walla.co.il/item/3530058
Title: בשיתוף zap משפטי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מעוניינים במשכנתא לאחר פשיטת רגל? המדריך שיוביל אתכם לאישור הבקשהבשיתוף zap משפטי

URL: https://finance.walla.co.il/item/3528588
Title: בשיתוף בנק הפועלים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.לא רק המשכנתא: רוכשים דירה? יש עוד הרבה הוצאות שאתם צריכים להכירבשיתוף בנק הפועלים

URL: https://hazihinam.walla.co.il/item/3530250
Title: בשיתוף חצי חינם, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בלי לעבוד קשה: קדירת כתף עגל בפטריות יער, טימין ויין לבן לצד תפוח אדמה צלויבשיתוף חצי חינם

URL: https://b144.walla.co.il/item/3527472
Title: בשיתוף B144, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הכול כלול: חברת ההפקות שמספקת מעטפת מלאה לכל סוגי האירועיםבשיתוף B144

URL: https://tech.walla.co.il/item/3529665
Title: בשיתוף "הטכנולוגית", חטיבת הטכנולוגיה של בנק הפועלים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.התמונות הן רק יחסי ציבור: ההישג האמיתי של הטלסקופ ג'יימס וובבשיתוף "הטכנולוגית", חטיבת הטכנולוגיה של בנק הפועלים

URL: https://experis.co.il/kickstart/?utm_source=walla&utm_medium=circle&utm_content=hitech_career_change
Title: הסבה להייטק

URL: https://www.manpower.co.il/?utm_source=walla&utm_medium=circle&utm_content=job_search
Title: עבודה בהייטק

URL: https://jobs.experis.co.il/?utm_source=walla&utm_medium=circle&utm_content=hitech_job
Title: חיפוש עבודה

URL: https://finance.walla.co.il/item/3531358
Title: זורק מהשלוש: עומרי כספי נכנס לעולמות ה-Web3

URL: https://finance.walla.co.il/item/3531275
Title: תודה על התזכורת, הדר: מתי מותר לרשום דירה על הילדים?

URL: https://nadlan.walla.co.il/item/3531174
Title: ירושלים מתחרדת – והתושבים עוזבים. ומי עוד ברשימה?

URL: https://nadlan.walla.co.il/item/3530946
Title: צינון בהייטק? על מחירי המשרדים זה לא משפיע

URL: https://mekomi.walla.co.il/item/3527821
Title: בשיתוף מועצת גדרה, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.כך מגיעים ל- 97% זכאות לבגרותבשיתוף מועצת גדרה

URL: https://celebs.walla.co.il/item/3531335
Title: צופית גרנט מתנצלת בפני ליהיא גרינר: "טעיתי בענק"

URL: https://celebs.walla.co.il/item/3531150
Title: הולה: האם פיקה בגד בשאקירה עם בר רפאלי?

URL: https://celebs.walla.co.il/item/3531123
Title: נטלי דדון נגד הדר מוכתר: "את לא מבושלת לאירוע"

URL: https://celebs.walla.co.il/item/3531190
Title: פיקה שמיקה: בר רפאלי הגיעה להשקה נוצצת

URL: https://now.walla.co.il/item/3530991
Title: מי אמר את זה? גרסת גמר האח הגדול

URL: https://now.walla.co.il/item/3530880
Title: השנה היא 2004 ולא ידעתם

URL: https://www.manpower.co.il/?utm_source=walla&utm_medium=content&utm_campaign=jobs_search_new

URL: https://healthy.walla.co.il/item/3530933
Title: תאכלו היום - תרוויחו בעתיד: האגוז הכי בריא שיש

URL: https://healthy.walla.co.il/item/3530876
Title: הרופאים חיכו שזה יצא בשירותים, אבל בסוף היו חייבים להתערב

URL: https://healthy.walla.co.il/item/3531114
Title: מדאיג: האיום הסורי הכי גדול עכשיו על ישראל הוא לא טילים

URL: https://healthy.walla.co.il/item/3529803
Title: 9 סיבות להתנפל על רימון (כן, מספר 4 הדהים גם אותנו)

URL: https://healthy.walla.co.il/item/3525099
Title: SK Pharma, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.סובלים מצרבת? התרופה החדשה הזו תשנה לכם את החייםSK Pharma

URL: https://healthy.walla.co.il/item/3529766
Title: מלאכים: הזוג שגידל מעל 50 ילדים ונוער בסיכון במשך 20 שנה

URL: https://e.walla.co.il/category/12992

URL: https://e.walla.co.il/item/3531398
Title: הולך בדרכי אביו: הבן של שף תומר אגאי מגיע לאודישן בהפתעה

URL: https://e.walla.co.il/item/3531384
Title: "כל חיי נקטעו בשנייה אחת": המספרים מאחורי תאונות הכלים החשמליים

URL: https://e.walla.co.il/item/3531155
Title: כשמשחקי השף התחפשה לאהבה חדשה: "הדבר הזה כל כך מצחיק אותי"

URL: https://e.walla.co.il/item/3531158
Title: כבר לא צריך לסחוב אוכל מהבית - בתי מלון שמציעים מטבחים כשרים

URL: https://food.walla.co.il/recipe/641210
Title: מתכון לפנקייק

URL: https://food.walla.co.il/recipes
Title: מתכונים

URL: https://food.walla.co.il/item/3531436
Title: געוגוע לימים אחרים: מלך הקבבים של יפו הלך לעולמו

URL: https://food.walla.co.il/item/3531188
Title: שחררו מהגפילטע: 5 מתכוני דגים לחג שיכניסו קצת עניין

URL: https://hazihinam.walla.co.il/item/3529946
Title: בשיתוף חצי חינם, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.דגים חריפים (קצת אחרים) לשולחן החג שכו-לם אוהביםבשיתוף חצי חינם

URL: https://career.walla.co.il/item/3528833
Title: בשיתוף Manpower, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מתי צריך לשנמך את קורות החיים וכיצד לעשות את זה?בשיתוף Manpower

URL: https://career.walla.co.il/item/3528831
Title: בשיתוף Manpower, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.עד כמה היציבות התעסוקתית עדיין משחקת תפקיד בשוק העבודה?בשיתוף Manpower

URL: https://career.walla.co.il/item/3509333
Title: בשיתוף Manpower, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.זום, עבודה היברידית ומבחני בית: כך השתנה שוק העבודה בישראלבשיתוף Manpower

URL: https://fashion.walla.co.il/item/3530950
Title: הלך לך השיער הקיץ? הנה כל מה שאת יכולה לעשות

URL: https://fashion.walla.co.il/item/3530502
Title: "אני לומדת להתאהב בחיוך שלי מחדש ואפילו להתגאות בו"

URL: https://fashion.walla.co.il/item/3529449
Title: בשיתוף פדני, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בהשראת העונה החגיגית של השנה: הקמפיין החדש של פדני לחגיםבשיתוף פדני

URL: https://www.sheee.co.il/item/3531137
Title: תעשו כפיים יא בני ז***ות: כך תהפכי לסלב באפס מאמץ

URL: https://www.sheee.co.il/item/3530914
Title: מה היא עשתה? ניתוח הברבי של אביבית בר זוהר

URL: https://travel.walla.co.il/item/3531364
Title: בטיסה לדובאי: נוסע הוריד חולצה והחל לבעוט בחלון המטוס. צפו

URL: https://travel.walla.co.il/item/3531245
Title: סמים בדרך לעולם הבא: טקס מתים עתיק נחשף במרכז הארץ

URL: https://travel.walla.co.il/item/3531126
Title: "לכי תז***": שילמה 12 אלף דולר, פוצתה והעלתה את זה. צפו

URL: https://tmirecycle.walla.co.il/item/3519483
Title: בשיתוף תאגיד המיחזור תמיר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית."המהפכה מתרחשת עכשיו": הצצה למפעלי המיחזורבשיתוף תאגיד המיחזור תמיר

URL: https://tmirecycle.walla.co.il/item/3523332
Title: בשיתוף תאגיד המיחזור תמיר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית."זה הכי פשוט בעולם": האם הישראלים מזהים את הסימנים?בשיתוף תאגיד המיחזור תמיר

URL: https://tmirecycle.walla.co.il/item/3518707
Title: בשיתוף תאגיד המיחזור תמיר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בלי להתבלבל: כך סימון קטן אחד צפוי לחולל שינוי גדולבשיתוף תאגיד המיחזור תמיר

URL: https://tech.walla.co.il/item/3531368
Title: אחרי הסערה: אפל בתגובה לתקלה באייפון 14 פרו

URL: https://gaming.walla.co.il/item/3531263
Title: רוקסטאר מגיבה לראשונה על ההדלפה של GTA 6

URL: https://tech.walla.co.il/item/3515668
Title: רגע לפני ההשקה: בדקנו את האייפון 14 פרו. האם שווה לשדרג?

URL: https://tech.walla.co.il/item/3530936
Title: האם מאגרי הנתונים של אובר נפרצו? החברה חוקרת

URL: https://tech.walla.co.il/item/3531361
Title: "במהירות של 14 ק"מ": כדור אש מסתורי האיר את שמי בריטניה

URL: https://tech.walla.co.il/item/3531196
Title: כוחו עדיין במותניו: האבל צילם "חילזון" גלקטי יפהפה בחלל

URL: https://marketing.walla.co.il/item/3531393
Title: טיקטוק ממשיכה לצמוח ויוטיוב מעלה הילוך

URL: https://marketing.walla.co.il/item/3530341
Title: הטרנדים ה"שקטים" שדוחפים את העובדים לקיצון

URL: https://b.walla.co.il/item/3531377
Title: המסקנה החשובה מהמשדר הארוך והיקר בהיסטוריה

URL: https://b.walla.co.il/item/3530988
Title: אילה חסון נתבעה במיליונים; מה קבע ביהמ"ש?

URL: https://gaming.walla.co.il/item/3531225
Title: עכשיו תורה של בליזארד, וגם דיאבלו 4 דולף לרשת

URL: https://gaming.walla.co.il/item/3531059
Title: מפתחי GTA 6 שבורים: "ההדלפה הגדולה בהיסטורית הגיימינג"

URL: https://gaming.walla.co.il/item/3531003
Title: מתכוננים: קול אוף דיוטי Warzone במובייל נחשף

URL: https://horoscope.walla.co.il/item/3531244
Title: יש לכם את האות ס' בשם? יש בכם קצת מקלף השטן

URL: https://horoscope.walla.co.il/item/3531013
Title: שכלתני, קשה החלטה וחייכן: הכירו את בן מזל מאזניים

URL: https://horoscope.walla.co.il/item/3530838
Title: הורוסקופ שבועי: 18-24 בספטמבר 2022

URL: https://home.walla.co.il/item/3531153
Title: עושים לביתם: להדר מוכתר יש דירה, אבל היא גרה כאן - ולא לבד

URL: https://home.walla.co.il/item/3530301
Title: תה אחרון ופרידה: מסיבת תה שכולה מחווה למלכה אליזבת' השנייה

URL: https://home.walla.co.il/item/3529632
Title: פתח הניקוז של הכיור מסריח? כך תנקו אותו בקלות וביעילות

URL: https://home.walla.co.il/item/3530036
Title: לא רואים עליו את הגיל: בית ישן קיבל מתיחת פנים

URL: https://vod.walla.co.il/tvshow/3433097
Title: VODעקרון ההחלפה

URL: https://vod.walla.co.il/
Title: VOD

URL: https://vod.walla.co.il/movie/2600528
Title: VODמצוד גורלי

URL: https://viva.walla.co.il/tvshow/3246926
Title: VODחלומות בהקיץ - כל הפרקים

URL: https://vod.walla.co.il/tvshow/3432405
Title: VODשבאבניקים

URL: https://vod.walla.co.il/episode/3477309
Title: VODמלכות 2

URL: https://judaism.walla.co.il/item/3530888
Title: מוגש מטעם שובה ישראל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.השבוע בתל אביב: מעמד האלפים בראשות האדמו"ר הרב פינטומוגש מטעם שובה ישראל

URL: https://judaism.walla.co.il/item/3531354
Title: מוגש מטעם שובה ישראל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.סיום אלף ספרי הזוהר: הערב - הכינוס ההיסטורי בהיכל מנורהמוגש מטעם שובה ישראל

URL: https://judaism.walla.co.il/item/3531140
Title: מוגש מטעם שובה ישראל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.כך ציינו בני הקווקז את הפריחה הרוחניתמוגש מטעם שובה ישראל

URL: https://cars.walla.co.il/item/3531235
Title: בדיקת ''וואלה רכב'': חוגגים על הלקוח הישראלי

URL: https://cars.walla.co.il/item/3530839
Title: מבחן מקומי ראשון: BYD אטו 3

URL: https://cars.walla.co.il/item/3531228
Title: פיג'ו מטרופוליס 400 המעודכן בישראל

URL: https://cars.walla.co.il/item/3530842
Title: הבולען הזה חשף את התקלה שנקראת התחבורה בגוש דן

URL: https://havazingboimworld.walla.co.il/
Title: חווה זינגבויים

URL: https://havazingboimworld.walla.co.il/item/3530293
Title: בשיתוף חוה זינגבוים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בלי מייקאפ או פילטר: כל הדרכים לטפל בפיגמנטציהבשיתוף חוה זינגבוים

URL: https://havazingboimworld.walla.co.il/item/3525167
Title: בשיתוף חוה זינגבוים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.פריצות הדרך המדעיות מבית חוה זינגבוים שישנו את שגרת הטיפול שלךבשיתוף חוה זינגבוים

URL: https://havazingboimworld.walla.co.il/item/3515967
Title: בשיתוף חוה זינגבוים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הטכנולוגיה שהופכת רעיונות חדשניים למוצרי קוסמטיקה מהפכנייםבשיתוף חוה זינגבוים

URL: https://tld.walla.co.il/item/3451929?lm_supplier=16893&lm_bc=9857
Title: מוגש מטעם WORLD8, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.טסים לחו"ל? הסוד שחברות הסלולר לא רוצות שתגלו (תוכן מקודם)מוגש מטעם WORLD8

URL: https://tld.walla.co.il/item/3528908
Title: מוגש מטעם weshow, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.Mioshy: המיזם הדיגיטלי שיחזיר לכם את התשוקה והפרפרים לזוגיותמוגש מטעם weshow

URL: https://tld.walla.co.il/item/3529761
Title: מוגש מטעם weshow, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.לימודי שייט עם מיקי ויינשטיין: להפליג רחוק ולא רק בדמיוןמוגש מטעם weshow

URL: https://tld.walla.co.il/item/3530556
Title: מוגש מטעם weshow, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.החלונות הקסומים שמתאימים בדיוק למזג האויר בישראלמוגש מטעם weshow

URL: https://paisculture.walla.co.il/item/3529527
Title: ההבטחה של מחר: הגר אנגלבשיתוף מפעל הפיס

URL: https://healthy.walla.co.il/item/3530566
Title: בשיתוף גרבר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.לקראת החגים: איך מבססים את הארוחות הראשונות של התינוק?בשיתוף גרבר

URL: https://celebs.walla.co.il/item/3529773
Title: בשיתוף קסטרו, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.חודש הסליחות: און רפאלי חושף למה הוא כועס על רביב כנרבשיתוף קסטרו

URL: https://mazaltov.walla.co.il/article/archive/8119/?fbclid=IwAR2x5jOxJEXJfRXFn4w4jW_l9vT2jKLXt86sI-r3F9WaZVOGBTmAhL3QdZA#utm_source=walla_news&utm_campaign=merkaz
Title: דוד מ"דוד ויוסף" בצעד קולינרי מפתיע

URL: https://mazaltov.walla.co.il/article/daily-bride/8115/#utm_source=walla_news&utm_campaign=merkaz
Title: שמש נצחית בשמלה לבנה: קולקציית 2023 של ענבל דרור

URL: https://mazaltov.walla.co.il/article/event-place/8118//?utm_source=walla_news&utm_campaign=merkaz
Title: שווה לחכות: מה מצפה לכם ב-The sen בחורף?

URL: https://fun.walla.co.il/game/3448057
Title: באבלס מנסטר

URL: https://fun.walla.co.il/game/3364725
Title: גאמבול גיימס

URL: https://fun.walla.co.il/game/3371880
Title: באבל בובל

URL: https://fun.walla.co.il/game/3460789
Title: מפוצץ הבלונים 2

URL: https://fun.walla.co.il/game/3386384
Title: טרפת איקס עיגול

URL: https://fun.walla.co.il/game/3167792
Title: באבלס הקול בראש

URL: https://e.walla.co.il/item/3516230
Title: "חשבנו שהצעירים רק בטיקטוק, ופתאום הם מנגנים יצירות על הפסנתר. זה מדהים"בשיתוף רכבת ישראל

URL: https://food.walla.co.il/item/3529660
Title: בשיתוף מוזס שופ, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.האנרגיה, הטעם, ובעיקר ההמבורגר: 5 סיבות מצוינות להרים מוזס שופ באמצע יום העבודהבשיתוף מוזס שופ

URL: https://home.walla.co.il/item/3530552
Title: בשיתוף קסטרו, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.קסטרו הום חוגגת שנה עם קולקציה חדשה וחגיגיתבשיתוף קסטרו

URL: http://www.enaim.co.il/
Title: הסרת משקפיים

URL: http://dominos.walla.co.il/?utm_source=Walla&utm_medium=Cooperation&utm_campaign=ongoing&utm_content=more_online
Title: פיצה אונליין

URL: https://www.b144.co.il/%D7%A4%D7%A8%D7%97%D7%99%D7%9D/%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%99%D7%A4%D7%95/?&sitecode=10&subsitecode=1400&site=walla&d=1
Title: כל חנויות הפרחים

URL: https://www.b144.co.il/%D7%97%D7%A9%D7%9E%D7%9C%D7%90%D7%99%D7%9D/%D7%97%D7%A9%D7%9E%D7%9C%D7%90%D7%99%D7%9D-24-%D7%A9%D7%A2%D7%95%D7%AA/%D7%90%D7%96%D7%95%D7%A8-%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%95%D7%94%D7%9E%D7%A8%D7%9B%D7%96/?&sitecode=10&subsitecode=1402&site=walla&d=1
Title: חשמלאים

URL: https://www.b144.co.il/%D7%92%D7%A0%D7%99-%D7%99%D7%9C%D7%93%D7%99%D7%9D-%D7%95%D7%A4%D7%A2%D7%95%D7%98%D7%95%D7%A0%D7%99%D7%9D/%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%99%D7%A4%D7%95/?&sitecode=10&subsitecode=1401&site=walla&d=1
Title: גני ילדים

URL: https://www.b144.co.il/%D7%A0%D7%93%D7%9C%D7%9F/%D7%AA%D7%99%D7%95%D7%95%D7%9A/%D7%90%D7%96%D7%95%D7%A8-%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%95%D7%94%D7%9E%D7%A8%D7%9B%D7%96/?&sitecode=10&subsitecode=1403&site=walla&d=1
Title: תיווך

URL: https://www.wallashops.co.il/?utm_source=walla&utm_medium=wallahp2&utm_campaign=hpnemalawallashops_2
Title: וואלה שופס

URL: https://www.seolinks.co.il/
Title: קידום אתרים

URL: https://hayoetzet.co.il/
Title: מציאת רופא מומלץ

URL: https://www.wallashops.co.il/%D7%94%D7%9E%D7%95%D7%A6%D7%A8%D7%99%D7%9D-%D7%94%D7%A0%D7%9E%D7%9B%D7%A8%D7%99%D7%9D-%D7%91%D7%99%D7%95%D7%AA%D7%A8#intref=HP-DealCubes&meta=%D7%94%D7%A0%D7%9E%D7%9B%D7%A8%D7%99%D7%9D-%D7%91%D7%99%D7%95%D7%AA%D7%A8?utm_source=walla&utm_medium=wallahp2&utm_campaign=hpnemalasale_2
Title: מבצעים

URL: https://www.leumi.co.il/Campaign/loan_all_clients/47071/
Title: הלוואה לכל מטרה

URL: https://www.sugat.com/all-recipes/
Title: מתכונים מנצחים

URL: https://www.wallashops.co.il/%D7%93%D7%99%D7%9C-%D7%99%D7%95%D7%9E%D7%99?utm_source=walla&utm_mediumhp2=walla&utm_campaign=hpnemaladeal_2
Title: דיל יומי

URL: http://m.onelink.me/b3fbc033
Title: חדשות בזמן אמת

URL: https://www.wallaprint.co.il/?utm_source=WALLA&utm_medium=textSEO&utm_campaign=odBAinternet
Title: וואלה! פרינט

URL: http://pricelist.yad2.co.il/
Title: מחירון רכב

URL: http://www.yad2.co.il/Nadlan/sales.php
Title: דירות למכירה

URL: http://www.yad2.co.il/Nadlan/rent.php
Title: דירות להשכרה

URL: https://yoram.walla.co.il/mivdak?utm_source=wallacampaign
Title: המבדק של יורם

URL: http://www.oref.org.il/11093-he/Pakar.aspx
Title: פיקוד העורף

URL: https://news.walla.co.il/category/1
Title: חדשות בארץ

URL: https://bama.bio/b2b
Title: הבמה שלך באינטרנט

URL: https://www.maariv.co.il/jewishism/shabat-times
Title: כניסת שבת

URL: https://www.hamal.co.il/
Title: חמ"ל

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://midhle.fun/ii/is/il HTTP 301
https://midhle.fun/ii/is/il/ HTTP 302
https://www.walla.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=d445bb4e-a368-4e8f-a0b4-eb4a2bd8e4ee&adnxsUserId=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3Dd445bb4e-a368-4e8f-a0b4-eb4a2bd8e4ee%26adnxsUserId%3D%24UID HTTP 302
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=d445bb4e-a368-4e8f-a0b4-eb4a2bd8e4ee&adnxsUserId=207039819888687976

Request Chain 162

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/c78d34d8bca6f4128348c719eaa4f4

Request Chain 169

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Yt01Ciiz1XOm3yWnFuKm?pi=smilewanted&tc=1

Request Chain 179

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=6f422dd2eeeb0011dd32bcb9da9bfb2c

Request Chain 181

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssUy-6HeRRBe7QNFRp0QReOEK3M_aqHw0L3kNd78pMZxAH8ZEFJjCuhebVxXPZHFafgnob7zKdoeULpnJVY1a1aB25UxA0b23Mj1i5BXCSQRpt-lBlDgA2rGK_4bmzODVVlSQdEWM3b4oN0IeZ7Ravesu42-X5JS60j55xMMM_wpNWpPZDuG2RZEu2gMVgOUKvqIJ3cijpPUpcZKCFjYIAG4_u4B6e0Qz7RtHiS102fbKeV7ws2NTE6JGUpc7mL5Y46wDKVMxUFmAXdJV1qGwFMG_TFUp9DVDn3voQn-aE5aS1nyq1zlN2AkryIErY7ar0CCHBlYNkKwG-iCKg%26sai%3DAMfl-YRUOV0QLUekeBcndN-CLReQGM_YmQdk7mf9SlJgW1I69MAZJBvLJADHTKr1BCyzGBdry6kEZDmknMpg2aq0gfCh5PL_9RdgHnZYVN_xN6WRIbCMjp_IDXpuVtOHcNE%26sig%3DCg0ArKJSzChOzCT2GDRtEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
https://tpc.googlesyndication.com/simgad/3664297453309006094

Request Chain 183

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsu3n2toM-xDSUrboWJcNVGDWYjxn_OiEGe1xFqZdRsnOtVDWk3v8VPw28mVDaoMVgK1SgytTJfEajUgSdM6mvJXuPYFfKafGL4uBX4TMYTdyOCH0fdNtOjMuQXiGaRoESbwkPJmXm2hHTEsEFhYpJvj4owQ6gAiI__pu8z7kT4qmEyEeRVSx0_33SFDZ8NaOb5J25g40SSuJQhr-pfKhnWFTqaWjNkmpAZfHkqsM1AdykIYnCAvS2DU4anPlfChbijsXLzXxWmvF_1M6E0MXZ1XTJXaNuwfmmUH5JXXSG4HF6KDOQ7QBvVvHKNbr3ifoLiXw4IZoY6X81aeX9w%26sai%3DAMfl-YRUNP0JCjWKcORZHmU9IWhdFTaMq0fAUnZKzt0rc4U0PzPQ6kaY2NvocAUrzflOieN4fR0R8k3s81d-IZUaU8HCEkDcfEswR3al-nvfXsTWHOFRgxtDCQnd9J_e7sU%26sig%3DCg0ArKJSzGIz8MrjfLEQEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
https://tpc.googlesyndication.com/simgad/3664297453309006094

Request Chain 194

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsuJMg5gYNH5qztd89CR2uT4Ky6kHZzSvhLVTcfx59ueda3GQvNVS1MB-46G3oeypq-CGcjRYKdIv9GLOQonAwzBEfuqitWmnxgs43zaaaHdKqfDPqcImnDWBPipwnsnuUjrMLfJPSalVK9CaiaeFE68m60jHBgiPiQ1O80_13vAhrtrQ1YUICKwcqoXnDprp2RhPrkyQlVW-Iqbtn66I8KcwIEaB-65OpWRTP-v1gtJRMGUy9Ivd7icK1YjUwNmDwEaY9_HUpuR2hOoQt-b4-e4RPiXIOn3lagY5X7jwV0PCJ3-TUfAy3x12CmOdXzebg29tUkXqRblTU1zfbfp%26sai%3DAMfl-YQOtNXAkzYt20fEb_kgNb3HeMVVzP-xbVDA2MWOld-vHkY9syKS9tLS18P2CGEqQXfVFCGX9ZWuptdKIX2SBDSbxaVaZyTedoFtAvKSkpwP0BEln_CsryW_fy01GOU%26sig%3DCg0ArKJSzB570xXBe7MVEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
https://tpc.googlesyndication.com/simgad/3664297453309006094

Request Chain 200

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

Request Chain 202

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/improve/ca0c24c8-4c64-4f7c-8b60-2c476a99ee70&partner_id=1010

Request Chain 212

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECVedt_Qg0Yzw5EAzWUey7s&google_cver=1&google_push=AZmPxg-aoxtWy7pUu32PG7iF9laKQq_8xpkxrzfRp4bubmiLWFdJKSHx2nLFoiKXShTrhcaM19gro9wrS0lj96OWBVW6ZjuRIKw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NTQ0MTY2MDQ4MzY2NDAyNQ%3D%3D&google_push=AZmPxg-aoxtWy7pUu32PG7iF9laKQq_8xpkxrzfRp4bubmiLWFdJKSHx2nLFoiKXShTrhcaM19gro9wrS0lj96OWBVW6ZjuRIKw

Request Chain 213

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEBmrmwXmEumVK9MxLOHYV8&google_cver=1&google_push=AZmPxg-Ezz4opyvusaOopc4w-BN6GWyntGIkknFyrb0681pnIA9IpMjyZAGKsq8JdC4fl8n7VB1kgwpET4HNIetD_K00RdsI1u0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-Ezz4opyvusaOopc4w-BN6GWyntGIkknFyrb0681pnIA9IpMjyZAGKsq8JdC4fl8n7VB1kgwpET4HNIetD_K00RdsI1u0&google_hm=MjE1MTE2MTM2ODc0Mzk5NzE1

Request Chain 215

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFqQcLHtIiKOgfrAES2zId0&google_cver=1&google_push=AZmPxg_4-HQPltxy-ZKi3LQ9iOBl7K01PU-avwGNbyuMbMHf5Rqa2lCkaG7s6jmzIQ41_bf9dVpEvfZpl28xyx8wpeSc3Bb_DCg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFqQcLHtIiKOgfrAES2zId0&google_push=AZmPxg_4-HQPltxy-ZKi3LQ9iOBl7K01PU-avwGNbyuMbMHf5Rqa2lCkaG7s6jmzIQ41_bf9dVpEvfZpl28xyx8wpeSc3Bb_DCg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFqQcLHtIiKOgfrAES2zId0&google_hm=Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB&google_nid=index&google_push=AZmPxg_4-HQPltxy-ZKi3LQ9iOBl7K01PU-avwGNbyuMbMHf5Rqa2lCkaG7s6jmzIQ41_bf9dVpEvfZpl28xyx8wpeSc3Bb_DCg

Request Chain 216

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEA-37ww6vqhDaswVeqTXyIo&google_cver=1&google_push=AZmPxg87oTzWNph8Q-Z_uamUHLIh0FyLqnSEmfOlO_M153Rj0uH38z8ID4ervaJl0E7SKwiaibix4zp3hK9_JY7fFKjG6HwRgq0 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg87oTzWNph8Q-Z_uamUHLIh0FyLqnSEmfOlO_M153Rj0uH38z8ID4ervaJl0E7SKwiaibix4zp3hK9_JY7fFKjG6HwRgq0&google_gid=CAESEA-37ww6vqhDaswVeqTXyIo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk4MjM5MTA5NzE4NDczMDQ4ODI5Ng%3D%3D&google_push=AZmPxg87oTzWNph8Q-Z_uamUHLIh0FyLqnSEmfOlO_M153Rj0uH38z8ID4ervaJl0E7SKwiaibix4zp3hK9_JY7fFKjG6HwRgq0

Request Chain 220

https://a.tribalfusion.com/i.match?p=b6&u=CAESEG5-V4_v9Pw5RLqHTGHFjJc&google_cver=1&google_push=AZmPxg-DXwOLs7RTsfdd4Pxsy0YW2oB8duswP6A_2mSmh_ydegWKAjPlrZVOqwIErsBOZefzUt3_82Q9B2elV_SvHeaRSxhRucw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-DXwOLs7RTsfdd4Pxsy0YW2oB8duswP6A_2mSmh_ydegWKAjPlrZVOqwIErsBOZefzUt3_82Q9B2elV_SvHeaRSxhRucw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG5-V4_v9Pw5RLqHTGHFjJc&google_cver=1&google_push=AZmPxg-DXwOLs7RTsfdd4Pxsy0YW2oB8duswP6A_2mSmh_ydegWKAjPlrZVOqwIErsBOZefzUt3_82Q9B2elV_SvHeaRSxhRucw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-DXwOLs7RTsfdd4Pxsy0YW2oB8duswP6A_2mSmh_ydegWKAjPlrZVOqwIErsBOZefzUt3_82Q9B2elV_SvHeaRSxhRucw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 222

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGzsSFXs-109ei6XoXVSuGo&google_cver=1&google_push=AZmPxg-d5kXMkBznQmkkiPWwggY67nqh9mZWLO3x5qVK8x6eW5Ko6cdmqOK1xddqO6IZyWtoDLXiKhjdFrUaDxvx8UMLbGTCBfw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=K1vZoPv8T1GywBIWJo7hnw2&google_push=AZmPxg-d5kXMkBznQmkkiPWwggY67nqh9mZWLO3x5qVK8x6eW5Ko6cdmqOK1xddqO6IZyWtoDLXiKhjdFrUaDxvx8UMLbGTCBfw

Request Chain 223

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEBmrmwXmEumVK9MxLOHYV8&google_cver=1&google_push=AZmPxg_uW6Pa3LMD7V2Z3a99NTY27U58EFyAlBqrJzltCCppGNwwoUwCPiQmmJ8AH1Os3z9mmHg70Ghi-Jonsj5iPsOdtaJobhM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_uW6Pa3LMD7V2Z3a99NTY27U58EFyAlBqrJzltCCppGNwwoUwCPiQmmJ8AH1Os3z9mmHg70Ghi-Jonsj5iPsOdtaJobhM&google_hm=NDEyNjU3MjI0OTc2Nzc4NDE2Mw%3D%3D

Request Chain 224

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAG9AOfZdCI9qQ7lmUFV90s&google_cver=1&google_push=AZmPxg8fI32SVUrMLuUHj_HsTPTe5KjOkFHcPOIdn4zo3YGNmPZ_bFjNUEo_KfOZnX3whxN1Le7zAUrpamfF5Ld01TIgCkXMZiU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8fI32SVUrMLuUHj_HsTPTe5KjOkFHcPOIdn4zo3YGNmPZ_bFjNUEo_KfOZnX3whxN1Le7zAUrpamfF5Ld01TIgCkXMZiU

Request Chain 225

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEGkoSIp0HJlcVUt2BvKs_w&google_cver=1&google_push=AZmPxg8YX-slmQyeGPhk0qUPFhynFbcbIF4Nat9f5B7KSTtuV8ZtV0Gt1MF2-PBb5fTy-eyT8HP465zrVwROR88qOckH730SQtk HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg8YX-slmQyeGPhk0qUPFhynFbcbIF4Nat9f5B7KSTtuV8ZtV0Gt1MF2-PBb5fTy-eyT8HP465zrVwROR88qOckH730SQtk&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1663677781237 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4626b40a-488b-485d-9cd5-c06ab77d095c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg8YX-slmQyeGPhk0qUPFhynFbcbIF4Nat9f5B7KSTtuV8ZtV0Gt1MF2-PBb5fTy-eyT8HP465zrVwROR88qOckH730SQtk%26google_hm%3DA0YmtApIi0hdnNXAard9CVw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8YX-slmQyeGPhk0qUPFhynFbcbIF4Nat9f5B7KSTtuV8ZtV0Gt1MF2-PBb5fTy-eyT8HP465zrVwROR88qOckH730SQtk&google_hm=A0YmtApIi0hdnNXAard9CVw

Request Chain 226

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDFzc-HeEAqfj-uHaWqqn2g&google_cver=1&google_push=AZmPxg-jArxCB68oxqP_1ELl7tccDMTLju5Qm2AeMfJyLR3ZBneWZaw9TD9FWBvgJOkWjs9_O7zCGDnc8EYjBuqmDPH0uyA7dOqm HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDFzc-HeEAqfj-uHaWqqn2g&google_cver=1&google_push=AZmPxg-jArxCB68oxqP_1ELl7tccDMTLju5Qm2AeMfJyLR3ZBneWZaw9TD9FWBvgJOkWjs9_O7zCGDnc8EYjBuqmDPH0uyA7dOqm&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03anZ4NXdwRTJ1SDJaSGFfbjA2VVM2Nkk3NUhocEsxNX5B&google_push=AZmPxg-jArxCB68oxqP_1ELl7tccDMTLju5Qm2AeMfJyLR3ZBneWZaw9TD9FWBvgJOkWjs9_O7zCGDnc8EYjBuqmDPH0uyA7dOqm

Request Chain 237

https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yym1VcH8vwiFSBs-qsoP7wAA%261211

Request Chain 306

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1

Request Chain 307

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yym1VcH8vwiFSBs-qsoP7wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1

Request Chain 308

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxTKdVPV9b6V1WWaLKAZQ&google_cver=1

Request Chain 309

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MDM5ODE5ODg4Njg3OTc2

Request Chain 314

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1

Request Chain 315

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yym1VcH8vwiFSBs-qsoP7wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1

Request Chain 316

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxTKdVPV9b6V1WWaLKAZQ&google_cver=1

Request Chain 317

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MDM5ODE5ODg4Njg3OTc2

Request Chain 318

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1

Request Chain 319

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yym1VcH8vwiFSBs-qsoP7wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1

Request Chain 320

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxTKdVPV9b6V1WWaLKAZQ&google_cver=1

Request Chain 321

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MDM5ODE5ODg4Njg3OTc2

Request Chain 330

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFVR3JfqG-IC0vJF5wQicBo&google_cver=1&google_push=AZmPxg9oWGRNjlpEE0X4ho6IPL96sokRx0uIifcR6VdXqiQVfn1V1qqUTcnW2dcN6ref2Erh0kUo3HKrnz-AxDjD4mOBO_DWE3Vp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg9oWGRNjlpEE0X4ho6IPL96sokRx0uIifcR6VdXqiQVfn1V1qqUTcnW2dcN6ref2Erh0kUo3HKrnz-AxDjD4mOBO_DWE3Vp

Request Chain 333

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMdqsH3zf7uk8aSD2AmDYyY&google_cver=1&google_push=AZmPxg9lApMZuaUWYKYtkzX23p6plyul9NBBA9yS7S9CMR4borSqLzTUDkzqqDNd8-titJHY_s5_gvh_gXRQX5pRIr0PCcwwrkeaRg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhBNlNNWlYtMjItRzBLTg==&google_push=AZmPxg9lApMZuaUWYKYtkzX23p6plyul9NBBA9yS7S9CMR4borSqLzTUDkzqqDNd8-titJHY_s5_gvh_gXRQX5pRIr0PCcwwrkeaRg

Request Chain 334

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEB4ox0KbiMI_At1civSDPuc&google_cver=1&google_push=AZmPxg_-yFi79v6HWy7MKDEu17ZI8DMCcCr_n6I_tpKn6LHzAdqR46H1kslgCToGtyYKI6yUliI9WUBe_N64ZIja7sjfOinEtm_LyQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_-yFi79v6HWy7MKDEu17ZI8DMCcCr_n6I_tpKn6LHzAdqR46H1kslgCToGtyYKI6yUliI9WUBe_N64ZIja7sjfOinEtm_LyQ

Request Chain 335

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEM94GEvOS9SwR2t9FP7xlQA&google_cver=1&google_push=AZmPxg93tizFi_TI08ChDLmYIP7mE63r4s90zEXJ7g56JLUsT9eSC-7xYLavZkb4lEc5SuKYX0UpWAPKyOZm2scoCdr-Y9NfYULBpQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk4MjM5MTA5NzE4NDczMDQ4ODI5Ng%3D%3D&google_push=AZmPxg93tizFi_TI08ChDLmYIP7mE63r4s90zEXJ7g56JLUsT9eSC-7xYLavZkb4lEc5SuKYX0UpWAPKyOZm2scoCdr-Y9NfYULBpQ

Request Chain 378

https://fw.adsafeprotected.com/rfw/st/1171009/65650039/4.js?ias_dspID=3&ias_campId=1008929676&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=18252516133&bidurl=https://www.walla.co.il/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gwGLY1ALN4EfwHA5jCcLgR&adContainerId=brand_safety_VbUpY4GCGeCW9u8PltKLwAY&cbFunctionName=goog_wrapCb_VbUpY4GCGeCW9u8PltKLwAY&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:cf5c56e4-e301-5005-e583-b3d2705c8f55,c:oL3NOP,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c95fbbff-rrg5g,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:thYGqAs+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h%7C1i*.1171009-65650039%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1k1%7C1k2%7C1k3%7C1l1%7C1l2%7C1l3%7C1m%7C1n%7C1o,idMap:1i*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:32,oid:c39321b2-38e1-11ed-b658-a2b60ea64c43,v:19.8.352,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 393

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPgEbLYHE1SOq0rzP9gO7AQ&google_cver=1&google_push=AZmPxg82893J6uDJtlyDjCuSTBO8IhGTsxHgotO0-iAOxBy28IpayEfD62OSR-yKltR6G2t-yx6w8D0DdX_tnkilw5X0O9rIrdiX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg82893J6uDJtlyDjCuSTBO8IhGTsxHgotO0-iAOxBy28IpayEfD62OSR-yKltR6G2t-yx6w8D0DdX_tnkilw5X0O9rIrdiX&google_hm=MjE1MTE2MTM2ODc0Mzk5NzE1

Request Chain 394

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENp1TqVNhYyUZ5Ae-LTcS_M&google_cver=1&google_push=AZmPxg_f5q52iXqAlzMDavcTKscKasAz6zM1W6fGo2pu7GXNhk6AvBGICL7O4h1eC1PefQMLETJEakdjPDcgz81s3F-LdJk-uvo HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENp1TqVNhYyUZ5Ae-LTcS_M&google_cver=1&google_push=AZmPxg_f5q52iXqAlzMDavcTKscKasAz6zM1W6fGo2pu7GXNhk6AvBGICL7O4h1eC1PefQMLETJEakdjPDcgz81s3F-LdJk-uvo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYyNDMxNzIxNzczMTgwMzk5MQ&google_push=AZmPxg_f5q52iXqAlzMDavcTKscKasAz6zM1W6fGo2pu7GXNhk6AvBGICL7O4h1eC1PefQMLETJEakdjPDcgz81s3F-LdJk-uvo

Request Chain 396

https://match.360yield.com/match/ebda?google_gid=CAESEAU0ugoTlMQOAttTUHIU6MU&google_cver=1&google_push=AZmPxg_4NPV0RiPihXEwuuLP2lzB4PAHbqOft_8wn69NfbTBGDFmlWqO9abjVxZNLf_5KEYFIBzB8r6TIM8g5kAAagkmB5VBF3Qj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ygwkyExkT3yLYCxHapnucA&google_push=AZmPxg_4NPV0RiPihXEwuuLP2lzB4PAHbqOft_8wn69NfbTBGDFmlWqO9abjVxZNLf_5KEYFIBzB8r6TIM8g5kAAagkmB5VBF3Qj

Request Chain 397

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECR0Uj2ZjuSBjXCakigaAV0&google_cver=1&google_push=AZmPxg_y6cQBKB6VOrNsVRksSfz5nqu99TV3YkH2nTtAY4loZprrOFNtLO8fC71hKbMICAFgVTrNg9lc18cu2bA2G4z_1pGEBzw HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4626b40a-488b-485d-9cd5-c06ab77d095c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg_y6cQBKB6VOrNsVRksSfz5nqu99TV3YkH2nTtAY4loZprrOFNtLO8fC71hKbMICAFgVTrNg9lc18cu2bA2G4z_1pGEBzw%26google_hm%3DA0YmtApIi0hdnNXAard9CVw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_y6cQBKB6VOrNsVRksSfz5nqu99TV3YkH2nTtAY4loZprrOFNtLO8fC71hKbMICAFgVTrNg9lc18cu2bA2G4z_1pGEBzw&google_hm=A0YmtApIi0hdnNXAard9CVw

Request Chain 398

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPt-ahUxnzb7zK6XLpbUgFQ&google_cver=1&google_push=AZmPxg8AGLMGJ2W9bz7k4M_7ThgGAIkElBU4WBnLXV4YUqmWF1g28JfZNUIcFb-c_OIvKYUSgTdEAVTkgWg-t1qM44PAYH1efDY65A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8AGLMGJ2W9bz7k4M_7ThgGAIkElBU4WBnLXV4YUqmWF1g28JfZNUIcFb-c_OIvKYUSgTdEAVTkgWg-t1qM44PAYH1efDY65A HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 400

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFVR3JfqG-IC0vJF5wQicBo&google_cver=1&google_push=AZmPxg8015nrEY9sTQ9UWyNj5pGOdYGdzd962VTFAG2STj-fMoekD6auM1s5OhR5opfbcTZmcS0WhUvGUrrizDhfYXmPaEsctiw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=EFpjKbVWQgCsHrwep4Kd4A&google_push=AZmPxg8015nrEY9sTQ9UWyNj5pGOdYGdzd962VTFAG2STj-fMoekD6auM1s5OhR5opfbcTZmcS0WhUvGUrrizDhfYXmPaEsctiw

Request Chain 404

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPgEbLYHE1SOq0rzP9gO7AQ&google_cver=1&google_push=AZmPxg-JPycodZCfc4WCxupgpj_BW1uZBUZt-_Nte_JOBl34NlCTHLeP2caBpoUPwviXe5J7JBL5i7nrrym5fM6lFx5uUnu8nU0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-JPycodZCfc4WCxupgpj_BW1uZBUZt-_Nte_JOBl34NlCTHLeP2caBpoUPwviXe5J7JBL5i7nrrym5fM6lFx5uUnu8nU0&google_hm=MjE1MTE2MTM2ODc0Mzk5NzE1

Request Chain 405

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFfwMySZqm-WIoUnpcb-Ssc&google_cver=1&google_push=AZmPxg-UXziYKSDhhOr33CJid8vzndbGirY2i2cefJ7jXgUKw7w2qyWdBgfn7e0VGHilx7EmHAQGUbUm5gkdXWxTEvLW4Z3fLw HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFfwMySZqm-WIoUnpcb-Ssc&google_hm=Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB&google_nid=index&google_push=AZmPxg-UXziYKSDhhOr33CJid8vzndbGirY2i2cefJ7jXgUKw7w2qyWdBgfn7e0VGHilx7EmHAQGUbUm5gkdXWxTEvLW4Z3fLw

Request Chain 408

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEI4zHIIHQ7xSCV1AuRh0Ig&google_cver=1&google_push=AZmPxg-KLjMQAN5zkrLdyx7FWchwM66xFLHhv6GceasOKyd0z1lKoTVX4TkBHHVeKky9T0BjkmFfDLUZXNqQculZOMjx0lWpPDux HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY4NzY4ODU4MDcxNjc0MjMzNg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEI4zHIIHQ7xSCV1AuRh0Ig&google_cver=1

Request Chain 410

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKctdFDIOco2K4n5TOftVmQ&google_cver=1&google_push=AZmPxg_7M_mTt_NZqDz_FY62UjcOs0RqQ86f5WVgfVqZVRNL62Wuvx0g5m7Qc8GDmludUirBLkJHYo0rLIwuROL7fswl71Eqqof1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NTQ0MTY2MDQ4MzY2NDAyNQ%3D%3D&google_push=AZmPxg_7M_mTt_NZqDz_FY62UjcOs0RqQ86f5WVgfVqZVRNL62Wuvx0g5m7Qc8GDmludUirBLkJHYo0rLIwuROL7fswl71Eqqof1

Request Chain 411

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPgEbLYHE1SOq0rzP9gO7AQ&google_cver=1&google_push=AZmPxg9pQNrFrzFBW1vE0s5tbFiVoK0hKVoj0GOT9vzgS_e92raCz28PMsqed-fnqNrxRIdHJJhgEdLBKuxHgEwTvbtaHYRpbuPI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9pQNrFrzFBW1vE0s5tbFiVoK0hKVoj0GOT9vzgS_e92raCz28PMsqed-fnqNrxRIdHJJhgEdLBKuxHgEwTvbtaHYRpbuPI&google_hm=MjE1MTE2MTM2ODc0Mzk5NzE1

Request Chain 413

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPt-ahUxnzb7zK6XLpbUgFQ&google_cver=1&google_push=AZmPxg-rLAQvqgVS08-Vt-ON1T-GpHaSOMD61DcKFmK-ToLYWHVy4QTI7IPXi_pI3imNI7dJWG7DZ4A47wj-uDDFEtbKM6xDF5Ev HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-rLAQvqgVS08-Vt-ON1T-GpHaSOMD61DcKFmK-ToLYWHVy4QTI7IPXi_pI3imNI7dJWG7DZ4A47wj-uDDFEtbKM6xDF5Ev

Request Chain 414

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPt-ahUxnzb7zK6XLpbUgFQ&google_cver=1&google_push=AZmPxg-TVaqR5G7Xbye1NPJdha0dcUm1x1uTkl2Zk91YK31Roz7l6rN_XsfQB754VHGPUGnPWDf3g5Ss2FzVPc8swMY1td323UwC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-TVaqR5G7Xbye1NPJdha0dcUm1x1uTkl2Zk91YK31Roz7l6rN_XsfQB754VHGPUGnPWDf3g5Ss2FzVPc8swMY1td323UwC HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 465

https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ksketnw4VnFEMEl6QVRpcStkTzc4a1M1ODVFeFVHRDJuQWNKSXdPOXlkcHExWGJtQXp5NkF6elVBOEZIdnNzYkpKN1RJK3JwaldiNUduQnVmUFQ4N0pab1plb0c5K1dxamFqSXBnazNCY1gzU3R4SWF4T1NhcWJhbTVISjJ1d1FxV215QUVDMGR0N1gxckMvTmVIVGhjYXV2OTZ5N1REY0dEa2NkUjcvT05JNWNlR0xDcllGYXhRR0RKeU1WWVJxaGpCQVBSS2hpUmk3WGh3ZXk5a0ticEplbjNxSWJ0ZDhlb0M1b3l1MmpSZU56QWhlV1BSdFRnWDFmTSthSGJjWWhGTDJQaFpxaUJOSmU4ZEpoUXRXcVIrZ2VCZz09fA&cppv=2

Request Chain 466

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=gtUyH3xZUmtCT2pIYkRIWWFyOXJQWVpmb3pBTFNOeHJqMVlJMmhRUWs0ZFlOSTEyUDhqMjQ0dXRwWmtRaWtXdHd4U2x5cGVnazdkWTJWN3pHSEJMa0NmelpOU2draWI2Uk5KZ3hRMndTc01VUVJqMFhvb1RDSGYwOFJRakhHbnRReWpSU0o0c2tJUjkrVnlNUEIvcnA3MmxtaWF1S0IwYmZ6N3JaY2c0dFM2L1dNQkdxamlxNlVteXhhcWljc2d5OWFmeFJCc0RsMTJwaGMwemF1UmRJeTJUNmtzWStUR2RtVWU4RWdsUWFqUXVZSy9KN0dMbEJQSXZGclRoTm5LQldGd3FPV2hndnE4QjU3L2ZJc3FlYXVsWUpnT0tsdWc4Mmx6bFJRZHkvZFFjd1VaOD18&cppv=2

Request Chain 487

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/c78d34d8bca6f4128348c719eaa4f4

Request Chain 489

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB&dcc=t

Request Chain 490

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFfwMySZqm-WIoUnpcb-Ssc&google_cver=1

Request Chain 491

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=207039819888687976

Request Chain 492

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]

Request Chain 493

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588521474576935

Request Chain 495

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BfyTAFIR1OACAE5

Request Chain 498

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFUnC7bmH380KyQprQsG0CA&google_cver=1

Request Chain 499

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTliMTFlNzgwZTgxZTA3ZjEzYjgzMGZjZGExMzc3ZjNhMjA2ODVmZQ

Request Chain 501

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhBNlNNWlYtMjItRzBLTg==

Request Chain 502

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=w63W6IcmTQKloMhwGDy8Zw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=w63W6IcmTQKloMhwGDy8Zw

Request Chain 503

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/b-ozZ2dRAxKw2VPWlAxkSMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=215116136874399715

Request Chain 504

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8A6SMZV-22-G0KN

Request Chain 505

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WQlTgt0VSFmbqE0oHExfRQ&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WQlTgt0VSFmbqE0oHExfRQ

Request Chain 506

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=6f422dd2eeeb0011dd32bcb9da9bfb2c

Request Chain 509

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

Request Chain 514

https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=c51f4118-38e1-11ed-8b3c-180e33a50306 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/spotx/c51f40b6-38e1-11ed-8b3c-180e33a50306

Request Chain 515

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

Request Chain 518

https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
https://csync.smilewanted.com/set_partner_userid_get/loopme/73ee6fc7-942c-467a-952e-5f861e3fcef4?gdpr_consent=null&gdpr=0

519 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.walla.co.il/
Redirect Chain

https://midhle.fun/ii/is/il
https://midhle.fun/ii/is/il/
https://www.walla.co.il/

689 KB
320 KB

40ms
10ms

Document
text/html

52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 2cc3d2ac988f04ee927611a3b0ac813d8e43a71b643846b4d957b54e3176543b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15
cache-control: public, max-age=30
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 20 Sep 2022 12:42:42 GMT
etag: W/"ac447-uTkNxgw2fYk8vZ+IA/xx3FUuLsY"
server: openresty/1.15.8.1
vary: Accept-Encoding
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-id: U7qM_1_MFya58oBphib5nJI9nMjRG27SwMqWZcmJeHH5rHIz3CfL-A==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-cached: HIT

Redirect headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:42:57 GMT
location: https://www.walla.co.il/
platform: hostinger
server: LiteSpeed
x-content-type-options: nosniff
x-powered-by: PHP/7.4.30
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
28 KB 56ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce48a63a4c7cfe80f750b7d64065936bfe1bc356b3a0e0857485a2a9c30c4184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27725
x-xss-protection: 0
server: sffe
etag: "1339 / 799 of 1000 / last-modified: 1663672285"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 20 Sep 2022 12:42:57 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 72ms
8ms Script
application/x-javascript 2600:9000:2240:ea00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:ea00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 11:19:29 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
age: 5008
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: oe62B5If2x9GErdgXNV34pqodgacoGTszRF13b705LS2RUAvvQJBvA==
expires: Tue, 20 Sep 2022 13:19:29 GMT

GET
H2 200 new-logo-mobile.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
968 B 8ms
8ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/new-logo-mobile.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:44 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 06:56:07 GMT
server: openresty/1.15.8.1
age: 18913
etag: W/"473-18359aebb58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: WvM6xYEygmrNnTJBNCNrDR-SwquxrZYpTtzAUA9Ig-_AFUMbEsddIA==
x-cached: MISS

GET
H2 200 icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 2 KB
1 KB 10ms
10ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:41 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 06:56:08 GMT
server: openresty/1.15.8.1
age: 18916
etag: W/"7ee-18359aebf40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: OrRDXvA_6Y7SRMMFkzYGaEVQ3EoWp_Kk1hiyGzpKB8tFnqtw8T2vSA==
x-cached: MISS

GET
H2 200 icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 464 B
824 B 8ms
8ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:42 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:07 GMT
server: openresty/1.15.8.1
age: 18915
etag: W/"1d0-18359aebb58"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 464
x-cached: MISS
x-amz-cf-id: 122MZW1y42sCMO0IXI7mpRVdlFRmD9fUVm3JukyXboWOCBUSkWNBSg==

GET
H2 200 new-logo.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
992 B 8ms
8ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:42 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 06:56:07 GMT
server: openresty/1.15.8.1
age: 18915
etag: W/"492-18359aebb58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 9QyB83xvxDYVFoogQUzuQwj_9oXikx0jgK-ZBl_mf7mzjGAHIu2Qjg==
x-cached: MISS

GET
H2 200 allay-icon.svg
www.walla.co.il/public/assets/icons/ 3 KB
2 KB 8ms
8ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:42 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 06:56:08 GMT
server: openresty/1.15.8.1
age: 18915
etag: W/"c00-18359aebf40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 5CtuJx1gS5ZlU0rY2fB7EtCkuzlWAQc70Gn5szGVHboT6jA9fp3kVQ==
x-cached: MISS

GET
H2 200 yad2.png
www.walla.co.il/public/assets/icons/ 1 KB
1 KB 9ms
9ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/yad2.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:42 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:08 GMT
server: openresty/1.15.8.1
age: 18915
etag: W/"488-18359aebf40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 1160
x-cached: MISS
x-amz-cf-id: yBxoiq3PdxZnNfjBFpblSkj5aPW4VFchhqDvwPwV11sc4Jbj9mR7WQ==

GET
H2 200 3437389-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/4/3/7/ 32 KB
33 KB 46ms
10ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/4/3/7/3437389-46.jpeg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 472405e56a883bd892e0e2cf73f787d5ac7b8f5bea82679f6d9db83b67a5a873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:04:02 GMT
via: 1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age: 2335
edge-cache-tag: 354983491309042744043011601168451177645,118291521066828225852529435541574966377,d2bce9e04f88d43dd8350e859c701704
cache-tag: 354983491309042744043011601168451177645,118291521066828225852529435541574966377,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 33108
x-request-id: d8a9dc9ac09b5104ec60c3f00e79b98d
x-served-by: cache-iad-kjyo7100165-IAD
last-modified: Tue, 20 Sep 2022 12:04:03 GMT
server: cloudinary
x-timer: S1663675441.376729,VS0,VE1272
etag: "293e97da9fb3727ca3a051ff32ffddb4"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: h5iVcgASUGcYAHvRZ8XJDhY8iJwiqwFiBPi3rA4Wdswp87vB3WCb1g==
x-cache-hits: 0

GET
H2 200 invalid-name2.svg
www.walla.co.il/public/assets/shivuki/ 2 KB
1 KB 8ms
8ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:42 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 06:56:07 GMT
server: openresty/1.15.8.1
age: 18915
etag: W/"834-18359aebb58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: OHy1rgy1DqJIwMrUJK5RVduUsPIn4_gAqjfSCawfQ8GM3smCyVQZdg==
x-cached: MISS

GET
H2 200 103fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 895 B
1 KB 13ms
13ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/103fm.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e28df0d1ecf0a67bfe7db32c3aafada6f839721734581e6a36cd5a5fcdf55fdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:42 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:07 GMT
server: openresty/1.15.8.1
age: 18915
etag: W/"37f-18359aebb58"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 895
x-cached: MISS
x-amz-cf-id: PMf87rV9GDmC457ATAnILq8Ibz6hUDKYRZefMq9S6LAcB_3OuGKngw==

GET
H2 200 99fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 933 B
1 KB 13ms
13ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/99fm.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3008b4354e1b60f29f320cfa65b9725167ad632656392673a4785d836bf3f14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:42 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:07 GMT
server: openresty/1.15.8.1
age: 18915
etag: W/"3a5-18359aebb58"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 933
x-cached: MISS
x-amz-cf-id: y2b2muQyb9T_pmGwIyuERZVgjHo7td5uqN5cK5_ASsO74v6ICcIa2Q==

GET
H2 200 3434244-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/4/3/4/ 30 KB
31 KB 19ms
14ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/4/3/4/3434244-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 22e87bfe88b71349a9d80f50778376e01fa8a2062464c7c48f21c503c166926d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 06:20:31 GMT
via: 1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age: 454946
edge-cache-tag: 144317404047534465122736487520654077806,425792032652047450413919300283245243783,d2bce9e04f88d43dd8350e859c701704
cache-tag: 144317404047534465122736487520654077806,425792032652047450413919300283245243783,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 31076
x-request-id: 22dc9f8810969ecc1a2c844fd4dc0ea6
x-served-by: cache-iad-kjyo7100032-IAD
last-modified: Thu, 15 Sep 2022 06:20:32 GMT
server: cloudinary
x-timer: S1663222830.778076,VS0,VE1250
etag: "3611da0d3f1ac09dee4bd37a0c12194b"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: ghp1cLjgKnUQwJSCkv4NE6j776RZnVVqvrtTVOemXbhUhjGF5KTsew==
x-cache-hits: 0

GET
H2 200 3278031-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/7/8/ 3 KB
4 KB 20ms
14ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/7/8/3278031-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 102ffb4dd24255e7ecb5770c868012b9897d59a9e91b6db5193dfbc6c913ab10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 06:47:16 GMT
via: 1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age: 21341
edge-cache-tag: 211292865708666468070192749255502048778,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 211292865708666468070192749255502048778,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 3079
x-request-id: 9dcdc3c8dd777359bfa70196b01899ab
x-served-by: cache-iad-kjyo7100156-IAD
last-modified: Tue, 20 Sep 2022 06:47:17 GMT
server: cloudinary
x-timer: S1663656434.163188,VS0,VE2611
etag: "796d354ea5ba2fdf9093c68cea540032"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: gX1GxbkIC-0GDS53gvPaU8I7FStFa_RYaieRi-LDildBtklvaAQY4A==
x-cache-hits: 0

GET
H2 200 3341171-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/3/4/1/ 4 KB
5 KB 20ms
15ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/3/4/1/3341171-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: d77d27666cbecfe4cd9149a720ac6abe85c7cae793ae3c90fbfbb608df84d54d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 06:48:20 GMT
via: 1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age: 21277
edge-cache-tag: 427256996032750856864594949422871261604,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 427256996032750856864594949422871261604,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 4386
x-request-id: 783865d3ebad0f02bff634e75595f089
x-served-by: cache-iad-kiad7000114-IAD
last-modified: Tue, 20 Sep 2022 06:48:21 GMT
server: cloudinary
x-timer: S1663656500.088393,VS0,VE734
etag: "e058d4498910311c89f1e7317465267b"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: Bi6Ws1sCX0BixY1JH68zVo6oYxI52t-Q6vtOq88MBbWtpXepHIw_rA==
x-cache-hits: 0

GET
H2 200 3125231-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/1/2/5/ 3 KB
4 KB 21ms
15ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/1/2/5/3125231-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 29b19848d6b6ea79a53b959f7a6bf562416f24918b77ebc92340c5760d4c551f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 17:31:48 GMT
via: 1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age: 1019469
edge-cache-tag: 398532651476386092883619867471590545263,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 398532651476386092883619867471590545263,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 3544
x-served-by: cache-iad-kjyo7100161-IAD
last-modified: Mon, 21 Feb 2022 07:07:58 GMT
server: cloudinary
x-timer: S1662658309.792310,VS0,VE79
etag: "5be07cdbb5ccc19d28d434a279884999"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: d_nifJAbykgueqhTwyRokIEYMkOUmGyTTzbwarBsvGqXRfr1thjiSA==
x-cache-hits: 0

GET
H2 200 3425986-46.jpg
images.wcdn.co.il//3/4/2/5/ 35 KB
36 KB 24ms
19ms Image
image/jpeg 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il//3/4/2/5/3425986-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: e90afefe008174901648b6984e3849d61ab51fcd2f9c260cb182f1b9eded2b4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 13:08:35 GMT
via: 1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age: 1985662
edge-cache-tag: 354062088052095449999837282067072178970,d2bce9e04f88d43dd8350e859c701704
cache-tag: 354062088052095449999837282067072178970,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 35924
x-served-by: cache-lga21964-LGA
last-modified: Thu, 25 Aug 2022 07:06:31 GMT
server: cloudinary
x-timer: S1661692115.029574,VS0,VE1
etag: "e8ad9a497fd64fdf8908a78fca482108"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: tXi0Z48m6FhvDYY7tdBxJKJjwt7FVK6IKFbJCNVCk2-rGnyRGCyPyQ==
x-cache-hits: 1

GET
H2 200 liga-banner-desktop.png
www.walla.co.il/public/assets/sport/ 294 KB
295 KB 17ms
12ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/sport/liga-banner-desktop.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 8674c690e379aa2d7f8f84624402dc41902336d4c7044a931e34e247839463a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:42 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:08 GMT
server: openresty/1.15.8.1
age: 18914
etag: W/"499a6-18359aebf40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 301478
x-cached: MISS
x-amz-cf-id: eizcmV5T5oWsKoNoejixWy0-6xXkvvDNKuTCr7NyW3vHWCRLIKHv1Q==

GET
H2 200 mishpati.png
www.walla.co.il/public/assets/icons/homepage/ 4 KB
4 KB 87ms
82ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage/mishpati.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 03baca21d7a98bc118436bcb698ecaafefff81373d472afdf259fdfe3f5c1a03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:42 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:08 GMT
server: openresty/1.15.8.1
age: 18915
etag: W/"f8c-18359aebf40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 3980
x-cached: MISS
x-amz-cf-id: YBYJ44WBuJz7boetldqB3oTsG8MH6VOnoZlqt7FnifyxmD8hebynLQ==

GET
H2 200 3329203-46.png
img.wcdn.co.il/f_auto,w_66/3/3/2/9/ 732 B
1 KB 487ms
21ms Image
image/png 13.224.103.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,w_66/3/3/2/9/3329203-46.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-96.zrh50.r.cloudfront.net
Software: cloudinary /
Resource Hash: de6bf035e9195f0b9f69ddc8a8a0431deaa22504c56412d03dd103beb35ab2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 01:00:39 GMT
via: 1.1 varnish, 1.1 449f2b51e83bf8ba5fa5e65ce60bc276.cloudfront.net (CloudFront)
age: 1338139
edge-cache-tag: 315444705734958248972687902270172938779,275138840448101508428674266858349850681,d2bce9e04f88d43dd8350e859c701704
cache-tag: 315444705734958248972687902270172938779,275138840448101508428674266858349850681,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 732
x-served-by: cache-iad-kiad7000160-IAD
last-modified: Mon, 03 Jan 2022 09:47:54 GMT
server: cloudinary
x-timer: S1662339640.598740,VS0,VE1
etag: "79624ac971cffa490d9827a952393183"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: m2IbQgw30gZHLODqsQ7yLnvpoBOTGzBcK9O52OmMVOaK9QrPwWyUyw==
x-cache-hits: 1

GET
H2 200 career.jpg
www.walla.co.il/public/assets/icons/homepage/ 3 KB
3 KB 50ms
46ms Image
image/jpeg 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage/career.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: edd4d9c515c398baf420a025641816721bdc7f67945144fe15a1058f6c75e667

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:08 GMT
server: openresty/1.15.8.1
age: 18914
etag: W/"be7-18359aebf40"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 3047
x-cached: MISS
x-amz-cf-id: 4KOle1WLjc7ur1SkxflXPewxgm2trs2cKsj4lY5UwdPldT4fJ7IFIw==

GET
H2 200 mazaltov-logo-new.png
www.walla.co.il/public/assets/icons/homepage/ 2 KB
3 KB 87ms
83ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage/mazaltov-logo-new.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 9c2fff24329f1fe904135f52256900469efd1e77ae3da4b0f528094cd2123e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:42 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:08 GMT
server: openresty/1.15.8.1
age: 18915
etag: W/"9ce-18359aebf40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 2510
x-cached: MISS
x-amz-cf-id: RMMWnmZGR7DLOLVB-Y6AFf0MPRaA3DxmwyZWngiLwC5uPAhKOq5qeA==

GET
H2 200 new-logo-walla-negativ.png
www.walla.co.il/public/assets/icons/ 636 B
991 B 86ms
83ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/new-logo-walla-negativ.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:08 GMT
server: openresty/1.15.8.1
age: 18914
etag: W/"27c-18359aebf40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 636
x-cached: MISS
x-amz-cf-id: HCFNN0OUf5kuLpWa_uzIp630Bf6WtIz7DalRYzEXejeG32mwY1d0dg==

GET
H2 200 148_248b4149632420b886ad_248b4149632420b886ad_walla.js Show response
www.walla.co.il/public/ 11 KB
4 KB 50ms
46ms Script
application/javascript 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/148_248b4149632420b886ad_248b4149632420b886ad_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: bdf39a7fddcfb048c35c871282ce0f1de7866e18be3cf1353da9262b509fa0e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 06:58:27 GMT
server: openresty/1.15.8.1
age: 18914
etag: W/"2b34-18359b0de38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: p7HyonyK8lZWQ25Gk6rcS4p2ZfZSLWs4AiBgS-Uuv0QyFWry4UFzIg==
x-cached: MISS

GET
H2 200 666_344b9d6cd4dc223b3fd7_344b9d6cd4dc223b3fd7_walla.js Show response
www.walla.co.il/public/ 307 KB
100 KB 51ms
48ms Script
application/javascript 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/666_344b9d6cd4dc223b3fd7_344b9d6cd4dc223b3fd7_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: df9948d64acb00c120474d93397e7ef48d77429e60cfbb602a5440fccfd2cc6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:41 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 06:58:27 GMT
server: openresty/1.15.8.1
age: 18916
etag: W/"4cdba-18359b0de38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: pLvAzM2VdFjFtC1A652VF6ycRI78uUbbqWhZMT0Oqz_Wyjtcor0xAw==
x-cached: MISS

GET
H2 200 main_e959bb8b9b5abfde44a9_e959bb8b9b5abfde44a9_walla.js Show response
www.walla.co.il/public/ 1 MB
257 KB 60ms
57ms Script
application/javascript 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/main_e959bb8b9b5abfde44a9_e959bb8b9b5abfde44a9_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 670e28e9bbd70620a1efb786fc54bd788f1d9e1a995002c535c87d78c1bb4bd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:41 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 06:58:27 GMT
server: openresty/1.15.8.1
age: 18916
etag: W/"11ba67-18359b0de38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: fgLHiUfmu_WhjeuifGivuM_wOy1Qrh49CHN1VaX8B5SWNARH2tKLcw==
x-cached: MISS

GET
H2 200 homepage_f77159f238301080b416_f77159f238301080b416_walla.js Show response
www.walla.co.il/public/ 253 KB
49 KB 82ms
79ms Script
application/javascript 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/homepage_f77159f238301080b416_f77159f238301080b416_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 0683bcc8a763a2b2df502ed324958373a6aca0c9a9cf9b7c97e3bd389584bc4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:42 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 06:58:27 GMT
server: openresty/1.15.8.1
age: 18915
etag: W/"3f222-18359b0de38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: EXAbw0PbGugvyI5IoPD5lakk3vWbY0hYKFU3sXOshj-R3PyRXv4TEw==
x-cached: MISS

GET
H2 200 pubads_impl_2022091501.js Show response
securepubads.g.doubleclick.net/gpt/ 376 KB
128 KB 57ms
13ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2838ada1a2e98ea67fbff5622ae6dbc293c5cae3f50be29febaa03b9a4bd8627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 20 Sep 2022 09:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10154
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130101
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:34:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Sep 2023 09:53:43 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 926 B
936 B 83ms
48ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.walla.co.il

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c71e3a6115b72afd9b3e67dfaf7a93fc16df44c968b5752c91871dee966cd92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Sep 2022 12:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 300
x-xss-protection: 0
expires: Tue, 20 Sep 2022 12:42:57 GMT

GET
H2 200 walla-v2-prod.js Show response
cdn.valuad.cloud/hb/ 893 KB
242 KB 569ms
99ms Script
application/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

ac1fdaf62e867419d7354517d0c520e7dbb1039c7e01af281193217e79ee6dbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:42:58 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 12:15:08 GMT
x-amz-request-id: tx000000000000017eba6d8-006329af32-2b9df863-fra1a
etag: "d0d143d47db18c6d5dd1cdbb5c80bf9f"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1663677778.dop017.fr8.t,1663677778.cds212.fr8.hn,1663677778.cds261.fr8.c
content-type: application/javascript
cache-control: public, max-age=86400
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 246975

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 479ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 8f4fc0f336126492b535be2e0b29fbb538a3079547d19a81368aec9268a54f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 12:42:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1190
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29220
x-tw-cdn: VZ
Last-Modified: Wed, 31 Aug 2022 20:41:50 GMT
Server: ECS (frb/67D3)
Etag: "f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 384 KB
76 KB 511ms
45ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75e7c02a25230eda76c7dc28af50c068762489766acc291678d689d060d22381

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77911
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Sep 2022 12:42:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 429 KB
62 KB 489ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bd6ccbccc24d8f396e2372e1ab7752426f07b666b866e905971a488c755bed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:42:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63205
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Sep 2022 12:42:58 GMT

GET
H2 200 wallawb.js Show response
cf.dxmcdn.com/dta/ 4 KB
2 KB 473ms
12ms Script
application/javascript 2600:9000:2240:0:11:da61:a100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.dxmcdn.com/dta/wallawb.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:0:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:58:22 GMT
content-encoding: gzip
last-modified: Sun, 29 May 2022 13:46:35 GMT
server: AmazonS3
age: 9877
etag: W/"c6a8b1a7ee5ce83efe089c14c99eefad"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
x-amz-version-id: qZmD6iSiSNKopHEgv3XRn4Et4epkBb1Z
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-type: application/javascript
x-amz-cf-id: pzUQtEFqK5y4TPX_sN_8Nx306mnQ1fw8kHPdgalTvJTHFs6R6y54jQ==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 15ms
13ms Script
application/x-javascript 2600:9000:2240:ea00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:ea00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:36:18 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
age: 399
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 7p1IiQeGzpF4qWCp15KI-x6-uVMAkNGqghfpDvbavM_AX4hHVxuqZA==
expires: Tue, 20 Sep 2022 14:36:18 GMT

GET
H2 200 google.gif
www.walla.co.il/public/assets/icons/ 1 KB
2 KB 81ms
80ms Image
image/gif 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/google.gif
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:08 GMT
server: openresty/1.15.8.1
age: 18914
etag: W/"5b6-18359aebf40"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 1462
x-cached: MISS
x-amz-cf-id: K3r8ojiPuRECXRhwAJP7OZU1Gmsmo4U4uri_oLJr1fGTWsTiz6C7IA==

GET
H2 200 icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 743 B
1 KB 82ms
81ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:07 GMT
server: openresty/1.15.8.1
age: 18914
etag: W/"2e7-18359aebb58"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 743
x-cached: MISS
x-amz-cf-id: p7xXcCwVvQ1Rfen7niEtQIOLeJwla0WbD9ZnElvZynWIf5KaHBvZGw==

GET
H2 200 icon-liga.svg
www.walla.co.il/public/assets/icons/ 7 KB
4 KB 80ms
79ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-liga.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 748c85ee7f2c3a5842e80fd14986b4354b89dd8f121d2aa0f2f1efc0d5ed8807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 06:56:08 GMT
server: openresty/1.15.8.1
age: 18914
etag: W/"1a07-18359aebf40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: tI6wqoyLoXNfb7T47rcPa1WSY68C7x5-5xL4_6BQpxNfbIi3-elufg==
x-cached: MISS

GET
H2 200 icon-wather.svg
www.walla.co.il/public/assets/icons/ 2 KB
1 KB 83ms
82ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 06:56:08 GMT
server: openresty/1.15.8.1
age: 18914
etag: W/"85c-18359aebf40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: ipE7LvTy6ULit_Qp_fUMolGoLnvcFZY-HX16r176CNNSGUX0rGwl3A==
x-cached: MISS

GET
H2 200 icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
1 KB 83ms
82ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 06:56:07 GMT
server: openresty/1.15.8.1
age: 18914
etag: W/"5f6-18359aebb58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: Lt125Unz6ME6JcMcoDQTAGUhoFG-Q4RsavCKl2fD528vfK9j81IDpg==
x-cached: MISS

GET
H2 200 almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 58 KB
59 KB 83ms
83ms Font
font/woff 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:07 GMT
server: openresty/1.15.8.1
age: 18914
etag: W/"e954-18359aebb58"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 59732
x-cached: MISS
x-amz-cf-id: 7gI2Blnyt3vuXDEDCVepQzsL9_5yGYHyH0O9dq1HVhvZRIt9AXJShA==

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 7 KB
2 KB 447ms
13ms XHR
application/json 2a04:4e42:600::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d32e21c44090ce2526b8887b2bbb60c66427751c323eff9bd440000f84d2c41b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:42:58 GMT
content-encoding: gzip
x-cache-hits: 1
age: 3
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1376
x-served-by: cache-fra19128-FRA
access-control-allow-origin: *
x-timer: S1663677778.026563,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sun, 18 Sep 2022 12:42:54 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 211 KB
73 KB 431ms
11ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c20da4fbef647f3c27449e62f4794cb5a42ffba848762225f896859074ef8f38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:42:58 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 09:36:09 GMT
etag: "15-81uUg9Ncx+58pBQAbf4hi+q7o7M"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: aaad060ad05e4915c020ac3f46bc5d42
timing-allow-origin: *, *
content-length: 74238

GET
H2 200 arrow-forward.svg
www.walla.co.il/public/assets/homepage2/ 475 B
834 B 36ms
34ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/arrow-forward.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 00df84c0176ae68719671b3cf670d45da854c8e4b092eb72eb0b36f6737ae111

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:07 GMT
server: openresty/1.15.8.1
age: 18914
etag: W/"1db-18359aebb58"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 475
x-cached: MISS
x-amz-cf-id: WKabBcvkmeuKBs4AwyIn0lnunwmEdRpFv01IEGCUeBld_FIpT-kS6w==

GET
H2 200 walla-sprite.svg
www.walla.co.il/public/assets/icons/ 19 KB
6 KB 36ms
33ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/walla-sprite.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 06:56:08 GMT
server: openresty/1.15.8.1
age: 18914
etag: W/"4a05-18359aebf40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: zqFjUCsffK3SP2Iec-oBUOAyL4IKgfhxpMBbGA3IeKQHgpdKwKnTPA==
x-cached: MISS

GET
H2 200 play103fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 409 B
769 B 35ms
33ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/play103fm.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: f20eeef8fb712ad2bf5e21dfe5944ab2b62010e44ffa8f79a3bfa354973ab517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:07 GMT
server: openresty/1.15.8.1
age: 18914
etag: W/"199-18359aebb58"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 409
x-cached: MISS
x-amz-cf-id: U5IMEJYrpPFQrGbiz8_Fx8uwBLCqbqBg63xufeSf7UePH4GWVRY2vg==

GET
H2 200 play99fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 409 B
769 B 35ms
34ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/play99fm.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e5bf77a4605d9bb4c0ecfc1127ab95009dc2fa6ec763418424cf36f523db8e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:07 GMT
server: openresty/1.15.8.1
age: 18914
etag: W/"199-18359aebb58"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 409
x-cached: MISS
x-amz-cf-id: 8-PtcO3H_Y6WPpHnUnST4kiuPOI735VHFKGCn3No7FR63j9qIFSEaw==

GET
H2 200 icons-play-live.svg
www.walla.co.il/public/assets/icons/ 298 B
658 B 22ms
21ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icons-play-live.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e8edb024e688dad4a4dbb15cc90e7cbcae1f1426f34ddb2c22523625f46aafde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:08 GMT
server: openresty/1.15.8.1
age: 18914
etag: W/"12a-18359aebf40"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 298
x-cached: MISS
x-amz-cf-id: Pm9bNCUL9EUUkodIYcG9sgWuCrRX9OMMBBK_KfN9h0XKbyoREFV2pw==

GET
H2 200 wallaicons.woff
www.walla.co.il/public/font/fonticon/ 15 KB
15 KB 19ms
18ms Font
font/woff 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:44 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:07 GMT
server: openresty/1.15.8.1
age: 18913
etag: W/"3bdc-18359aebb58"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 15324
x-cached: MISS
x-amz-cf-id: tJa18IyFd5zZThqrCuHKquWDzm5L7P7M1f0nSSVSK_toh9sc0eGviw==

GET
H2 200 almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 58 KB
58 KB 18ms
18ms Font
font/woff 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:44 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:07 GMT
server: openresty/1.15.8.1
age: 18913
etag: W/"e7c0-18359aebb58"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 59328
x-cached: HIT
x-amz-cf-id: x8MywfV1hDdB5e5joYADjJXKbz-R2Td8c3Djbj5gQ-7RTqLAjvYLrQ==

GET
H2 200 almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 59 KB
59 KB 23ms
23ms Font
font/woff 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:44 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:07 GMT
server: openresty/1.15.8.1
age: 18913
etag: W/"ea00-18359aebb58"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 59904
x-cached: MISS
x-amz-cf-id: 1m7CCXk_-i2f7lHrHOVhHsRh3BbjOubItN-Nnw5V8d-QSbz6TQWmDw==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 310ms
98ms Image
image/gif 52.6.54.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=BqOFmPCsf1FiBhhA66&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10463&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1924&t=Bl2DOhD4MSR2DeCD8bCjGNGJsQNw-&V=136&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&tz=0&sn=1&sv=BtLZwh5SEEHD4eTLpCid7LvCy2-Ob&sd=1&im=067b2fff&_
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.54.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-54-94.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:58 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
201 B 287ms
90ms Image
image/gif 34.192.92.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BqOFmPCsf1FiBhhA66&c=0&V=136&x=AXtQ55rDYrGPo&v=B&ml=m&sl=CL1J3W&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.92.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-92-212.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:58 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 287ms
91ms Image
image/gif 34.192.92.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BqOFmPCsf1FiBhhA66&c=0&V=136&x=LLQeeMir5hAvx&v=A&ml=m&sl=1RGnl&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.92.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-92-212.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:58 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 288ms
92ms Image
image/gif 34.192.92.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BqOFmPCsf1FiBhhA66&c=0&V=136&x=mPLOX73kU4pdL&v=A&ml=m&sl=CY__aT&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.92.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-92-212.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:58 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 375ms
179ms Image
image/gif 34.192.92.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BqOFmPCsf1FiBhhA66&c=0&V=136&x=jPkWvXiYtOHHt&v=A&ml=m&sl=DjYYWx,DjYYWx&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.92.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-92-212.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:58 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 287ms
92ms Image
image/gif 34.192.92.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BqOFmPCsf1FiBhhA66&c=0&V=136&x=tgOeLXTjCG8t8&v=A&ml=m&sl=B4Upqb&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.92.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-92-212.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:58 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 376ms
180ms Image
image/gif 34.192.92.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BqOFmPCsf1FiBhhA66&c=0&V=136&x=qIdzThIgH1dgx&v=B&ml=m&sl=zYxJZ,D-dRbG&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.92.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-92-212.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:58 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 391_74a7ea0bea4fcf8c460e_74a7ea0bea4fcf8c460e_walla.js Show response
www.walla.co.il/public/ 121 KB
36 KB 9ms
9ms Script
application/javascript 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/391_74a7ea0bea4fcf8c460e_74a7ea0bea4fcf8c460e_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_e959bb8b9b5abfde44a9_e959bb8b9b5abfde44a9_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 86fed0f87402ce0fde9cdd3a0023fd4df2f277f5849744e61d4784e6470e02bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 06:58:27 GMT
server: openresty/1.15.8.1
age: 18915
etag: W/"1e51a-18359b0de38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: Ecr_prgsScoZWsHOoleiHyIGoHGoxQmfkVyXz09iKZ_g8jdkP1pimQ==
x-cached: MISS

GET
H2 200 PikudInner_793046046c897b90f78e_793046046c897b90f78e_walla.js Show response
www.walla.co.il/public/ 3 KB
2 KB 11ms
11ms Script
application/javascript 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/PikudInner_793046046c897b90f78e_793046046c897b90f78e_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_e959bb8b9b5abfde44a9_e959bb8b9b5abfde44a9_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 32e55f966e5d42979013d87e8a4de77fd04e331af39070fd2f21404a04aae61b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 06:58:27 GMT
server: openresty/1.15.8.1
age: 18915
etag: W/"cfc-18359b0de38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: m5q-X3MQ-gDFg2jwq6JYgCryCBes_GdYcQH_qg4msfm138iakRy3jg==
x-cached: MISS

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 232ms
204ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/public/666_344b9d6cd4dc223b3fd7_344b9d6cd4dc223b3fd7_walla.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

919955e889d271f73387b4455d37667a6a730e800dcdbd1461412810bbc5a6c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27726
x-xss-protection: 0
server: sffe
etag: "1339 / 496 of 1000 / last-modified: 1663672177"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 20 Sep 2022 12:42:58 GMT

GET
H2 200 close.png
www.walla.co.il/public/assets/ads/ 1 KB
1 KB 10ms
8ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/ads/close.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:08 GMT
server: openresty/1.15.8.1
age: 18915
etag: W/"46c-18359aebf40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 1132
x-cached: MISS
x-amz-cf-id: a0jz-zw_RabSCXcN1nRjWjCB6POFewYAD9WqY7a48Mtsnqy3Kw9jrw==

GET
H2 200 3421426-46.png
images.wcdn.co.il//3/4/2/1/ 6 KB
6 KB 13ms
11ms Image
image/png 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il//3/4/2/1/3421426-46.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 738d90cda558286a59c2e9d00b43c7d2375b2e010863533804d0de180cfc5339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 10:30:43 GMT
via: 1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age: 3204735
edge-cache-tag: 145767541500621925049705680995819893788,d2bce9e04f88d43dd8350e859c701704
cache-tag: 145767541500621925049705680995819893788,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 5667
x-served-by: cache-iad-kiad7000166-IAD
last-modified: Sun, 14 Aug 2022 10:29:39 GMT
server: cloudinary
x-timer: S1660473043.259951,VS0,VE1
etag: "a299b27a337fe5f8cd65385dbd30d509"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: GGq0pzLm0PUdJbnBI0dL0tUGw6qLGvMeJwULeKCroUuNo6QaNZ4O2g==
x-cache-hits: 1

GET
H2 200 2386336-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/2/3/8/6/ 13 KB
13 KB 14ms
12ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/2/3/8/6/2386336-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 3e8b7be6748b3f6657e82e3025683d8bb0ab86bcac660150643a294f73d0bc23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:43:39 GMT
via: 1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age: 17959
edge-cache-tag: 211354170110482036562488546519277481292,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 211354170110482036562488546519277481292,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 12898
x-request-id: 218fedc2521407006bc7d62f6a5809d3
x-served-by: cache-iad-kjyo7100118-IAD
last-modified: Tue, 20 Sep 2022 07:43:40 GMT
server: cloudinary
x-timer: S1663659817.557787,VS0,VE3074
etag: "228f2c6ce10a24ad2c1c3fd1895c011a"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: vmf_vXP-NBLLfcauEet6ul6ud3nXE3QKFrcVu6YwHrP4l1GkgQt66g==
x-cache-hits: 0

GET
H2 200 3421425-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/2/1/ 8 KB
8 KB 14ms
13ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/2/1/3421425-46.jpeg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 61828e0616891940f8bd0401376eef9601c939cc6f920bdc37513a2cd6933bd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 17:52:15 GMT
via: 1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age: 2832644
edge-cache-tag: 276071925003106772939387096411129650972,418564181582767519421549110210876597074,d2bce9e04f88d43dd8350e859c701704
cache-tag: 276071925003106772939387096411129650972,418564181582767519421549110210876597074,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 7702
x-request-id: 9b1d135e642e3fcf58a7f48cce472c46
x-served-by: cache-iad-kiad7000136-IAD
last-modified: Thu, 18 Aug 2022 17:52:16 GMT
server: cloudinary
x-timer: S1660845135.971568,VS0,VE814
etag: "d8d085ea1f63594e8cb3e814e53fddf3"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: bwZhDC0WMFMRT-P1_QdkyAGUNiNhFevi27ZpFfNvhNvudeLtNm2l9Q==
x-cache-hits: 0

GET
H2 200 3430614-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/3/0/ 7 KB
7 KB 15ms
13ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/3/0/3430614-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 49516ce0a6df0c6d94424868d40f729c1396a81afc19ede501bb4ba6781d6452

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 05:31:00 GMT
via: 1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age: 25918
edge-cache-tag: 366992835362636826284632085677324011134,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 366992835362636826284632085677324011134,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 6835
x-request-id: 01b949979074b98e84088b389358fa12
x-served-by: cache-iad-kjyo7100092-IAD
last-modified: Tue, 20 Sep 2022 05:31:01 GMT
server: cloudinary
x-timer: S1663651858.965337,VS0,VE2782
etag: "c78c1351c71b51f75c17ac7efba98576"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: Ep0GXXPgPHWpJ67uE3iemlQ05w1A0V0Ed2O-aNCDTMar1httsStrOg==
x-cache-hits: 0

GET
H2 200 3437274-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/3/7/ 9 KB
9 KB 15ms
14ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/3/7/3437274-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 196b7e399508118601fbd94f863e1987106c05b7862d6e327598e7ca368d1887

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 10:18:44 GMT
via: 1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age: 8654
edge-cache-tag: 268539599408986745863458767934328395062,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 268539599408986745863458767934328395062,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 8864
x-request-id: 017311e000ef87cfe3de03babf7cf5f4
x-served-by: cache-lga21928-LGA
last-modified: Tue, 20 Sep 2022 10:18:45 GMT
server: cloudinary
x-timer: S1663669123.263008,VS0,VE1200
etag: "9a8f77b1baa7b590a81130d3f76f79db"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 5P42fO4tMRGIT764J84TiXj7BjATSOVlbUXgiQeRub8ZEjQpeM90CQ==
x-cache-hits: 0

GET
H2 200 3178764-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/7/8/ 2 KB
2 KB 15ms
15ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/7/8/3178764-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 4254d6ebdad02b88a8691e71b6b58b19944bce76b249707f8d45e610d7b55f0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 07:00:08 GMT
via: 1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age: 17127770
edge-cache-tag: 368907602085661858931500534282242613018,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 368907602085661858931500534282242613018,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 1683
x-served-by: cache-bwi5037-BWI
last-modified: Tue, 28 Dec 2021 13:39:26 GMT
server: cloudinary
x-timer: S1646550009.631172,VS0,VE1
etag: "7cb7520d0554e205a55ef52971b6f150"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: BAKQ4-__iMupR6QWtls-pCwF5jL3O6jW2vqWeauQRYYv353EPwVOZg==
x-cache-hits: 1

GET
H2 200 3257720-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/5/7/ 3 KB
3 KB 16ms
15ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/5/7/3257720-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 876338a1211c7ddf69cfc5e548d0a1ed20b6b457f2db3a0383da314e9b8ab5ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 09:31:55 GMT
via: 1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age: 18328262
edge-cache-tag: 392352988921626568262436971655980406484,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 392352988921626568262436971655980406484,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 2600
x-served-by: cache-wdc5578-WDC
last-modified: Tue, 28 Dec 2021 13:39:27 GMT
server: cloudinary
x-timer: S1645349516.959199,VS0,VE1
etag: "f5f7b4337f4b74360d3260dee35fb331"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: m_P8f_gnmxNITsiBWEy8fFIGpL0flIzDPAS7nIIynzuhS0LJoia3JQ==
x-cache-hits: 1

GET
H2 403 bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 0
0 131ms
39ms Script
text/html 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-09-20
Requested by: Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 kahoona-idx-live.js Show response
d2r08ja41ypc0t.cloudfront.net/WALLA/ 13 KB
5 KB 73ms
19ms Script
application/javascript 2600:9000:2304:8c00:4:1c73:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by: Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:8c00:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7366672c7309113ce12beb12478774bc7ed93bc3f066f38bb3bf5c57485e47f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: fJ6OxwQ2i6ClHgUlktD21ZZFhrK13sEw
content-encoding: gzip
last-modified: Sun, 04 Sep 2022 17:48:46 GMT
server: AmazonS3
age: 24338
etag: W/"3891a35af9cd00643f2e83d64997acba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 429f4d0dffb8bf0b68cf2d9d500542f8.cloudfront.net (CloudFront)
date: Tue, 20 Sep 2022 05:57:21 GMT
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: Vmpo_d6jRcDsQ8GWzeuYKKHXdAN0cgAaY9i3kIQ-O7-4HcUv3GHuIA==

GET
H2 206 3437409-46.mp4
images.wcdn.co.il/q_auto,w_300,t_54/3/4/3/7/ 225 KB
226 KB 12ms
12ms Media
video/mp4 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.wcdn.co.il/q_auto,w_300,t_54/3/4/3/7/3437409-46.mp4
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 6c92be27fa2e43f9c89b59fc60258b0aa3eca1170f36d36a5b4455d3e03339d6

Request headers

Referer: https://www.walla.co.il/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 20 Sep 2022 12:24:33 GMT
via: 1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age: 1105
edge-cache-tag: 131034316585449370630405512422222870322,297971540058848560575371772229170621855,d2bce9e04f88d43dd8350e859c701704
cache-tag: 131034316585449370630405512422222870322,297971540058848560575371772229170621855,d2bce9e04f88d43dd8350e859c701704
status: 206 Partial Content
x-cache: Hit from cloudfront
Content-Length: 230703
x-request-id: 91091a9dc2ce2752e388ffef70083081
x-ua-compatible: IE=Edge,chrome=1
Content-Range: bytes 0-230702/230703
last-modified: Tue, 20 Sep 2022 12:24:34 GMT
server: cloudinary
x-timer: S1663676672.959519,VS0,VE1917
etag: "72cf4aaf29159fccf51212f8f81dbc8c"
x-served-by: cache-iad-kjyo7100174-IAD
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: OwzAlqZQZEHF2RXwYwAfF8JZ4QssiSY5S3u1yPTZL4t-Gn3S26x1wQ==
x-cache-hits: 1

GET
H/1.1 200
OK widget_iframe.c4bdc17e77719578b594d5555bee90db.html Show response
platform.twitter.com/widgets/ Frame 8FA9 320 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1699180
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Tue, 20 Sep 2022 12:42:58 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 31 Aug 2022 20:40:57 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D3)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H/1.1 200
OK d3d3LndhbGxhLmNvLmls Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 157ms
7ms XHR
application/json 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LndhbGxhLmNvLmls
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 12:42:59 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=34251
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: ee7181de62fa860610231a6de59d9131
Content-Length: 15
Expires: Tue, 20 Sep 2022 22:13:50 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
355 B 63ms
7ms Image
image/gif 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Tue, 20 Sep 2022 12:42:58 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Thu, 20 Oct 2022 12:42:58 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 62ms
19ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: OEhaDs5P7YRuTPBRNPi1/uEjKXgDvfumiyxnu61Ie0qsKKbzjpkGlUsuwJ0mcS+BgWzDd6yZlw9A7hpShvVAhA==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 20 Sep 2022 12:42:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 init
hb-dot-valuad.appspot.com/ Frame 0
0 163ms
109ms Preflight
text/html 2a00:1450:4001:806::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-request-id,x-vad-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 20 Sep 2022 12:42:59 GMT
server: Google Frontend
x-cloud-trace-context: 900297875a0561ffca667216d8f898e7
x-request-id: undefined

POST
H3 200 init Show response
hb-dot-valuad.appspot.com/ 38 B
87 B 165ms
109ms Fetch
application/json 2a00:1450:4001:806::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Accept: application/json
Referer: https://www.walla.co.il/
x-request-id: fb3f6153-61f7-4c80-84aa-a75cab11ec1a
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
x-vad-version: 0.9.8
Content-Type: application/json

Response headers

date: Tue, 20 Sep 2022 12:42:59 GMT
content-encoding: gzip
server: Google Frontend
etag: W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
x-cloud-trace-context: 8253b054921210171286d15ad92809a5
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64
x-request-id: undefined

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
23ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6059
date: Tue, 20 Sep 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 20 Sep 2022 13:02:00 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
18 KB 111ms
53ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

d7abb302c9c1e55633395bf3b82b4bed7d63804223437d9879fff049895ec72d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17403
x-xss-protection: 0
server: cafe
etag: 17680024240845530123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Sep 2022 12:42:59 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 8FA9 771 B
609 B 266ms
120ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=0d6aa1023725198345a435841ad31dc192945ca8

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.walla.co.il

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

0369a4dc49c5d2d0633a1b966e8b1071b05279fddda61e151661b3307656a9f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time: 113
date: Tue, 20 Sep 2022 12:42:58 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 12:42:59 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 5709ddc0ab392644df2ab72dda41362e6e577fc5c9e234bc95053ed98d4f4e3e
content-length: 327

GET
H2 200 logo.png
www.walla.co.il/public/assets/pikud/ 21 KB
22 KB 8ms
8ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/pikud/logo.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:27:43 GMT
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 06:56:08 GMT
server: openresty/1.15.8.1
age: 18916
etag: W/"558e-18359aebf40"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 21902
x-cached: MISS
x-amz-cf-id: 6uGuTMB00pGdKEW2UXB9vCXPZA3ZlrfYgeFY9l7PiYj041gBg-2BWA==

GET
H2

200

map-id
ledger.crowdad.io/
Redirect Chain

https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=d445bb4e-a368-4e8f-a0b4-eb4a2bd8e4ee&adnxsUserId=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3Dd445bb4e-a368-4e8f-a0b4-eb4a2bd8e4ee%26adnxsUserId%3D%24UID
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=d445bb4e-a368-4e8f-a0b4-eb4a2bd8e4ee&adnxsUserId=207039819888687976

0
38 B

188ms
32ms

Image
text/plain

52.212.114.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=d445bb4e-a368-4e8f-a0b4-eb4a2bd8e4ee&adnxsUserId=207039819888687976
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Server: 52.212.114.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-114-253.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:42:59 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:42:59 GMT
X-Proxy-Origin: 37.58.58.250; 37.58.58.250; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 65833dba-cd58-4e4e-9654-b209bca6db5a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=d445bb4e-a368-4e8f-a0b4-eb4a2bd8e4ee&adnxsUserId=207039819888687976
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ 48 KB
18 KB 62ms
8ms Script
text/javascript 2600:9000:223e:b200:1a:ba5c:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:b200:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:31:04 GMT
content-encoding: gzip
server: Caddy
age: 3909
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: FRA56-P4
content-length: 18460
x-amz-cf-id: BHi0y-UX-baHJf7Lt_sIjTwYzbbUCWmjiw7kzynJx1VZJSspm9P7gw==
expires: Tue, 20 Sep 2022 23:37:50 GMT

POST
H2 200 handshakes Show response
khn.crowdad.io/ 0
105 B 101ms
37ms XHR
text/plain 54.72.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/handshakes
Requested by: Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.99.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-99-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Tue, 20 Sep 2022 12:42:59 GMT
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 handshakes
khn.crowdad.io/ Frame 0
0 111ms
30ms Preflight 54.72.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/handshakes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.99.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-99-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.walla.co.il
content-length: 0
date: Tue, 20 Sep 2022 12:42:59 GMT

GET
H3 200 170717926997655 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 39ms
18ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/170717926997655?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e188bac2633600ce8bafab06429651ecc0cab83851fc6f844f016580c7c6f4c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86039
x-xss-protection: 0
pragma: public
x-fb-debug: U/9+N+MARR3gXYrwCkFCZLke20KxQaseP0nZgAK5jgkzhY+Bp7UHLBKQwKq1u8F27tCpv6a67E2yYm+F8DKcrA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 20 Sep 2022 12:42:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 48ms
20ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=991473083&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=273666867&gjid=1326753736&cid=1449003620.1663677779&tid=UA-4780630-1&_gid=816517939.1663677779&_r=1&gtm=2wg9j0T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd10=0&cd20=no&cd22=0&cd23=0&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=&cd116=0&z=284941955

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 3 KB
2 KB 243ms
56ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1663677779343&cv=9&fst=1663677779343&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a603a5cf541f7f6e72cd5f0e7bf21885588312d1afb0bb7d694ea5121a7033c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1066
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_pla Show response
flint.defybrick.com/ 2 KB
2 KB 349ms
113ms Script
text/javascript 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fwww.walla.co.il%2F&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=93695919010779268570212616110821839855317507562350678625010804629681&nc=0&tsf=0&tsfmi=&pv=0&cb=1663677779466&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2539197322&at=&bid=e30%3D&di=W1siZWYiLDMyOTFdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6OCxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjEwNTE2%0D%0AOTQwODksXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjcsZVlHOVgxL1gxdFpsUzIyZDUxeDhZTlk5TXhKUUVNQ2RVQkhK%0D%0ATDg2TDIzQUNHVWhCSXdJU1NFRUFjSUpmUmVBZ1FJRUZvSW5kQ3h3UVhqaG8yNzE5Nm1Nak92L3I4%0D%0ANzB1eHFGeCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBh%0D%0AZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0s%0D%0AWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFst%0D%0AMTEsIntcInRcIjpcIlwiLFwibVwiOltcIm9nOnRpdGxlXCIsXCJkZXNjcmlwdGlvblwiLFwib2c6%0D%0AZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIixc%0D%0AIm9nOnRpdGxlXCIsXCJkZXNjcmlwdGlvblwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6%0D%0AdGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0i%0D%0AXSxbLTE0LCJ7XCJvXCI6MC4wMDg2NDU1MzMxNDEyMTAzNzV9Il0sWy0xNSwiLSJdLFstMTYsIjAi%0D%0AXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQs%0D%0AXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCIt%0D%0AXCIsXCItXCJdIl0sWy0yMCwiMTQ0OTAwMzYyMC4xNjYzNjc3Nzc5Il0sWy0yMSwiT21HUFM4Ylci%0D%0AXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFst%0D%0AMjYsIntcInRqaHNcIjo1MzUwMDAwMCxcInVqaHNcIjo0MjEwMDAwMCxcImpoc2xcIjozNzYwMDAw%0D%0AMDAwfSJdLFstMjcsIlswLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5%0D%0ALCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMiwwLDIsMCwyLDAsMCwyLDIsMiwyLDBdfSJdLFstMzAs%0D%0AIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJdLFstMzMsIi0iXSxbLTM0LCItIl0s%0D%0AWy0zNSwiWzE2NjM2Nzc3Nzk0NDAsMF0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcs%0D%0AIi0xNDQtNjYtMTgwLSJdLFstMzgsImksLTEsLTEsMTE3NSwwLDAsMCw5LDIwLDUyLDMzOSwwLDE0%0D%0ANjEuNSwxNDYxLjUsMzMxOSwzMzIwIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vja29cIixc%0D%0AIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDNdIl0s%0D%0AWy00MCwiMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDEw%0D%0AMDAwMDEwMDExMTAxMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIi0iXSxbLTQ2LCIwIl0sWy00%0D%0ANywiRXRjL1Vua25vd24sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJd%0D%0ALFsiYm5jaCIsNzBdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A1600%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=dwhMqjtF75&sdd=%7B%7D&pto=3346
Requested by: Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 5836482b14e9df3c3e685da0a3042355adfbef7648438c0ef5e41da89e51d06c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:59 GMT
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 1435
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1616785908557850 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 19ms
18ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1616785908557850?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

adbce2551c27cb2f7511883673a16d0b28b8f4cee48878caab5c0365feb95756

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86253
x-xss-protection: 0
pragma: public
x-fb-debug: /ZJjTSAcPHylP0UVDnPsDv26CUdZnFYCnebcb5DKKU8+Gn/W16T5jUtzWZJbllJHRM8DZJkg3LoOQ7Zpeiw5hQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 20 Sep 2022 12:42:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 55ms
15ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1663677779493&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.2.1663677779492.1561993977&it=1663677779247&coo=false&rqm=GET

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:42:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 20 Sep 2022 12:42:59 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 62ms
18ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4780630-1&cid=1449003620.1663677779&jid=273666867&gjid=1326753736&_gid=816517939.1663677779&_u=YEBAAEAAAAAAAC~&z=755845860

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Sep 2022 12:42:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 19ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1663677779560&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.2.1663677779492.1561993977&it=1663677779247&coo=false&rqm=GET

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:42:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 20 Sep 2022 12:42:59 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 173ms
118ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4780630-1&cid=1449003620.1663677779&jid=273666867&_u=YEBAAEAAAAAAAC~&z=236135128

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 92ms
38ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4780630-1&cid=1449003620.1663677779&jid=273666867&_u=YEBAAEAAAAAAAC~&z=236135128

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/964224610/ 42 B
548 B 81ms
28ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/964224610/?random=1663677779343&cv=9&fst=1663675200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=1442037230&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/964224610/ 42 B
548 B 82ms
29ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/964224610/?random=1663677779343&cv=9&fst=1663675200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=1442037230&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 415ms
106ms XHR
application/json 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1663677779661&sessionId=b681c72b-605f-02d8-5268-7fe3290398d9&url=www.walla.co.il&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:00 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: de053631a3e605177a9f680902dbeb38
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 2 KB
1 KB 185ms
120ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=0&rand=35412&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&adblck=false&abwl=false&clid=b681c72b-605f-02d8-5268-7fe3290398d9&fdu=www.walla.co.il&px=0&py=0&vpd=0&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000897&sig=OmGPS8bW&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b7ca8f20e5a453260156ce7d53ec072603d222ca6332864464e7c0b6ef764b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:42:59 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1663677780.730906,VS0,VE111
accept-ranges: bytes
x-served-by: cache-lga13620-LGA, cache-hhn4044-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 8eb50705bd03309b2e91c294dfcdc372
content-encoding: gzip
content-length: 1212
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 357ms
117ms XHR
application/json 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1663677779841&sessionId=b681c72b-605f-02d8-5268-7fe3290398d9&url=www.walla.co.il&cheqSource=1&cheqEvent=2&responseTime=680
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:00 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: e8ad740ca99c904dffaacdd81dcf531f
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ 43 B
79 B 122ms
95ms Image
image/gif 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00136cedc132ed408d949225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714493d6516dfd78ade6d5e3471ebd498bbd39e821db61c45085052aae2d05f91e46042dcb5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1d08f77f6aa999117aefdafe64ec57a917f0dd07c74cccd17cc22a2984db7299779ac0e8f4dae8b2102dff29b3b9f92e0230ea816090e742bb434553d65b5c8686d69e81b2c527df21d6deedc85ec54d5814aa5f0ddbc3961c7486b827fc02b6c51dcd76fc79451b0fcb64eb59d897fa24bb843e9349a7c19ccc7780191c2de84b011f6b4a70c9af2fb54898c78969e5d025fb976c82d1a7be6d88b3f6526a3ed0b81004cbb949023ba5a2ad67a63d86e95ee9fc2db175bc32905bc809d1a83ddb0721e4aa8e7b3c39641f37085a17b6fc8a6cd06fab571d5123eac03acd840a5eecb2dea6ae2993ffeef89aeaeca4090969b934d9f3072ada1d3209dd271f3439ea69ec360bc8eb8c&cb=1663677779840&cri=dwhMqjtF75
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:59 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 382ms
92ms Fetch
text/plain 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=34d889ebb28e17a5b9fc434903834128_1769_1663677779792&tm=935&eT=6&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 20 Sep 2022 12:43:00 GMT
content-encoding: gzip
X-TraceId: 9cf17b9fe93ec49e5fcadfcdb7b81ca9
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
odb.outbrain.com/utils/ 12 KB
4 KB 121ms
119ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=1&rand=99981&key=NANOWDGT01&widgetJSId=HPP&va=true&et=true&format=html&t=MzRkODg5ZWJiMjhlMTdhNWI5ZmM0MzQ5MDM4MzQxMjg=&adblck=false&abwl=false&clss=RZHZjuxJkIg2ruSRO5EdgYH3nG0x%2BjbkfEAExPX8XcL5BgYT7lZ5qaNnaMefN6OZqpBtedOPf4WlIZHb&px=209&py=889&vpd=0&cw=282&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000897&sig=OmGPS8bW&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b4220de149187ddf5f358bcd9bb12833af18f5346b10cdde32fbe7f8e291aa53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:42:59 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1663677780.875376,VS0,VE110
accept-ranges: bytes
x-served-by: cache-lga13627-LGA, cache-hhn4044-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 3d038f135f0440e99535189a387a338a
content-encoding: gzip
content-length: 3862
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 56ms
0ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Thu, 20 Oct 2022 12:43:00 GMT

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 13 KB
14 KB 90ms
3ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "af7be0711fb1cf2f41bb793256c8f148:1662969048.571231"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13687
expires: Thu, 20 Oct 2022 12:43:00 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 212ms
97ms Fetch
application/json 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=82e842e6b19ded3055aa4a2ddca5c8bf&pvId=34d889ebb28e17a5b9fc434903834128&sid=7990615&pid=1769&idx=1&wId=132&pad=0&org=0&tm=1073&eT=0&cnsnt=no_consent&widgetWidth=282&widgetHeight=36&widgetX=209&widgetY=898&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=129&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:00 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 60026aa9decf7c369a1a345f6a701f30
Content-Length: 4
Expires: 0

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000897/module/ 39 KB
14 KB 74ms
5ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000897/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 272a83e862b01b93f18d36955fc51f754df6e632c23a514b3a8b4dac4ed6713e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 09:35:33 GMT
server: AkamaiNetStorage
etag: "1752ce9074904b2827ecec942cb29532:1663583065.52127"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 14150
expires: Tue, 20 Sep 2022 16:43:00 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 5 KB
2 KB 199ms
131ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=2&rand=5794&key=NANOWDGT01&widgetJSId=HPC_2&va=true&et=true&format=html&t=MzRkODg5ZWJiMjhlMTdhNWI5ZmM0MzQ5MDM4MzQxMjg=&adblck=false&abwl=false&clss=RZHZjuxJkIg2ruSRO5EdgYH3nG0x%2BjbkfEAExPX8XcL5BgYT7lZ5qaNnaMefN6OZqpBtedOPf4WlIZHb&px=535&py=4073&vpd=2873&cw=865&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000897&sig=OmGPS8bW&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3e13cf7d22b94a34be7a856e83e31a9d0e2c93e4e794e86a4e636a9c434474f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1663677780.080904,VS0,VE114
accept-ranges: bytes
x-served-by: cache-lga21952-LGA, cache-hhn4044-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 9964bf56d14fd59242a6350d053215f1
content-encoding: gzip
content-length: 2099
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 262 KB
81 KB 130ms
31ms Script
text/javascript 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 08:22:46 GMT
server: Apache
etag: "1481c32-41771-5c7110f340cdf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=171255
accept-ranges: bytes
content-type: text/javascript
content-length: 82748
expires: Thu, 22 Sep 2022 12:17:15 GMT

GET
H2 200 / Show response
csync.smilewanted.com/ 6 KB
2 KB 103ms
47ms Script
application/javascript 104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eef3229975dcea05e62c3c6a907c2b9c50a68b07a632ce4fa232a41a0bcb1ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
cf-ray: 74daa4eddbb79225-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 98ms
28ms XHR
application/json 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220920

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

43c662869b90b291f0a722aefbcc83aebaab24595d93a845fe60a41b8a6d74e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 34918
x-jsd-version: 1.0.1468
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 799
etag: W/"66f-3DWdCVBoIAdEbBm/UcRcrYPeVUo"
x-served-by: cache-fra19178-FRA
x-jsd-version-type: version
date: Tue, 20 Sep 2022 12:43:00 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
871 B 408ms
40ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 938493
x-amz-request-id: txaf6e2c1c2f9f41df87375-00631b6357
x-amz-id-2: txaf6e2c1c2f9f41df87375-00631b6357
last-modified: Fri, 09 Sep 2022 16:00:45 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWKr6WeB4uxdvHaC1gxypWollJwpGnbrAtO8PHuvIv%2BEWtiRgLwr%2B2FEfVMYX1TPQYe13%2BxkD9FIei3Ir0qXpWfpCB1osSH7kPhwOihgO9EqP%2FsMvljdyjamEHHmHok83ExwzrqlVu8GXDFZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1662739245697142
cf-ray: 74daa4f01c5e9a17-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 468 B
1 KB 144ms
143ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

893131765494210dc8f7c5ccebdb66531249b791ca24bfcbff5e9d83db1310de

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:00 GMT
X-Proxy-Origin: 37.58.58.250; 37.58.58.250; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: d605d1c0-02b7-419d-a22a-cb673adc10da
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 468
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
564 B 162ms
81ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=715831&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2262a217cd96817b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22domain%22%3A%22walla.co.il%22%2C%22publisher%22%3A%7B%22domain%22%3A%22walla.co.il%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A5%2C%22msi%22%3A5%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22760a376f0be32a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%7D%7D%2C%7B%22id%22%3A%2295c4f47f7255b8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%7D%7D%2C%7B%22id%22%3A%2210e44678feef7b3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%7D%7D%2C%7B%22id%22%3A%22110fd3716fb424b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valuad.io%22%2C%22sid%22%3A%2215113%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b6323cb7ededde058a3d9b58673fe8bb7de7af787996d66d6a993ed8f1f7b13

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZwLRVif4PF6rUfAlsWbf0VKu%2BubdSZIDDlUgCDuH2ItgMX33E3J0rkzQZvb5R4Z7exx2NI32PvBwp7YXNiCtlUD55UXo1Mzk7P4FMx1m1lzBPA8E3fyJDBrXmGq523YeW8K9S%2Fxd"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 74daa4ee8ba768f5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 379ms
22ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.walla.co.il
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 416 B
1 KB 162ms
46ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=d43ef7f2-3b0c-4e22-9aca-109467c9896d&l_pb_bid_id=18325f9d2664b6b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.42270290316386916
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 30977bc1bd3c7bafeab8cc815380a4843babfd520f0ccf0be52528ed7d829df0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 416
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 402 B
1 KB 172ms
56ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=9ced6543-7ea7-4c4b-958e-c9bb536c87b1&l_pb_bid_id=192b75aa6c0c071&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.0916434027188675
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2ba5999470a8827deb55109d487637c9211c90db62db9b59c266904dc716fe6d

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 402
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 398 B
1 KB 190ms
69ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&tk_flint=pbjs_lite_v6.29.3&x_source.tid=5b7c93de-df0e-4b31-8d69-5ce438022c8a&l_pb_bid_id=208b7ca324ad31e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&slots=1&rand=0.8565012961628762
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b899cc3231df665e617506810a80c113b207023dec2fd122894db196df443c68

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 398
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 409 B
1 KB 201ms
39ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=23e74542-f931-4054-8273-51c06616b117&l_pb_bid_id=2140428dc097a95&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&slots=1&rand=0.3857624153450778
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 58f3a1550aa8f19e8e478bb40f5c4382ca956dd3ee7aa194f02c54a7311a938f

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:00 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 409
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 204
No Content / Show response
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 0
145 B 323ms
19ms XHR
text/plain 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Connection: keep-alive
Access-Control-Allow-Origin: https://www.walla.co.il
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 210ms
20ms XHR
application/json 5.135.209.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS: ip97.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:00 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 212ms
23ms XHR
application/json 5.135.209.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS: ip97.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:59 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 212ms
24ms XHR
application/json 5.135.209.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS: ip97.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:00 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 892 B
1 KB 183ms
94ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F&PublisherDomain=walla.co.il

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

8d2ce2da8a54f828a84f1d4d49ae49864e28248687d9ceda3f7fdfbcd003204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:00 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 74
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 892
expires: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 350ms
32ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=94267216734

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Sep 2022 12:42:59 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 208ms
25ms XHR
application/json 5.135.209.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS: ip97.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:59 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 209ms
25ms XHR
application/json 5.135.209.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS: ip97.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:59 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 209ms
26ms XHR
application/json 5.135.209.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS: ip97.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:59 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 237ms
27ms XHR
application/json 5.135.209.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS: ip97.ip-5-135-209.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:42:59 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 66ms
45ms XHR
text/plain 104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 74daa4ee3c4f9225-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
67 B 64ms
44ms XHR
text/plain 104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 74daa4ee3c519225-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 77ms
58ms XHR
text/plain 104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 74daa4ee3c549225-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 76ms
58ms XHR
text/plain 104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 74daa4ee3c579225-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
277 B 118ms
38ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Tue, 20 Sep 2022 12:43:00 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 11
vary: origin, Accept-Encoding

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
748 B 151ms
74ms XHR
application/json 72.251.249.13
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 856c95fed84b26fb585dac62ad237b369a0693ed78dfa156360f88459b0d9cd6

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 20 Sep 2022 12:43:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.walla.co.il
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 100

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 481 B
1 KB 262ms
160ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-18-159-242-39.eu-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

ce740b6347d572e8e745acd0b83be7b0e0f2b427f3a15bed8c14c6a5547c9eff

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:00 GMT
X-Proxy-Origin: 37.58.58.250; 37.58.58.250; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: bad81b52-c221-402c-987d-64b72c5a022d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 481
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 388ms
42ms XHR
text/plain 185.64.190.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.77 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Tue, 20 Sep 2022 12:43:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
498 B 102ms
43ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e31dab0354f0bba6ca2cc145f4c1fcde8c8908cdce595aef696e35177817bdd8

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 74daa4eeae669b40-FRA
pragma: no-cache
date: Tue, 20 Sep 2022 12:43:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
x-err: Shapings: no adunits with size and seat and mapping

GET
H2 200 arj Show response
u.openx.net/w/1.0/ 73 B
378 B 139ms
76ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.walla.co.il%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d43ef7f2-3b0c-4e22-9aca-109467c9896d%2C9ced6543-7ea7-4c4b-958e-c9bb536c87b1%2C5b7c93de-df0e-4b31-8d69-5ce438022c8a%2C23e74542-f931-4054-8273-51c06616b117&nocache=1663677780199&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=120x600%2C160x600%7C300x250%7C300x250%7C300x250&divids=adSlot-2%2CadSlot-4%2CadSlot-5%2CadSlot-7&aucs=43010785%252Fwallanews%252Fmain%252Fskyscraper_desktop%2C43010785%252Fwallanews%252Fmain%252Fyad2_rectangle_desktop%2C43010785%252Fwallanews%252Fmain%252Fshopping_rectangle%2C43010785%252Fwallanews%252Fmain%252Fsport_small_rectangle_desktop&auid=544104782%2C544104782%2C544104782%2C544104782
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 747b5153689b55d6609bd66c98910a21d50c49a8f80f7fb03b62b89d795bc307

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:00 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.walla.co.il
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
507 B 371ms
65ms XHR
application/json 18.159.242.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.242.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:00 GMT
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 351ms
23ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Sep 2022 12:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 163ms
60ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Sep 2022 12:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 70 KB
18 KB 415ms
412ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1827664075416353&correlator=496323502661765&eid=31068457%2C31068929%2C31069671%2C31062930&output=ldjh&gdfp_req=1&vrg=2022091501&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cnickbar_desktop%2Ctop_desktop%2Cpremium_rectangle1_desktop%2Cdontmiss_strip_desktop%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18&prev_iu_szs=1200x40%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C300x200%2C320x50%7C865x190%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&fluid=0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&adks=1750305995%2C885339185%2C2822717126%2C3185403617%2C581680297%2C3350566118%2C627877340%2C4035892786%2C2413266993%2C3423946703%2C941261747%2C3384287594%2C2655517678%2C199863102%2C41169729%2C2603141497&sfv=1-0-38&ists=4095&fsapi=false&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm2_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm4_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm5_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm6_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm7_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm8_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm9_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm10_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm11_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm12_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1663677780239&lmt=1663677780&dlt=1663677777340&idt=194&adxs=200%2C920%2C200%2C535%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800&adys=1200%2C20%2C874%2C2471%2C10568%2C10568%2C10568%2C10568%2C10568%2C10568%2C10568%2C10568%2C10568%2C10568%2C10568%2C10568&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x-1%7C1200x0%7C300x0%7C865x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&msz=1200x-1%7C480x0%7C300x0%7C865x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=644%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132&ohw=0%2C1200%2C300%2C865%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1449003620.1663677779&ga_sid=1663677780&ga_hid=991473083&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d75c243e6582ff02c72f180e6f1ef308a6359cc5d2dfe77613670890ca2f67c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18291
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-2,38340105,38284305,-2,-2,-2,-2,-2,-2,-2,-2,38240625,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-2,68907848985,68907848985,-2,-2,-2,-2,-2,-2,-2,-2,68907848985,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D0B6 6 KB
4 KB 259ms
20ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:00 GMT
expires: Wed, 20 Sep 2023 12:43:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 90ms
89ms Fetch
application/json 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=82e842e6b19ded3055aa4a2ddca5c8bf&pvId=34d889ebb28e17a5b9fc434903834128&sid=7990615&pid=1769&idx=1&wId=132&pad=0&org=0&tm=1442&eT=3&cnsnt=no_consent&wRV=2000897&pVis=0&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:00 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 3e6e12c16786bc6066cfe1f9367e652e
Content-Length: 4
Expires: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame B9AB 0
15 B 15ms
13ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.walla.co.il
Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:00 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8339 0
15 B 35ms
33ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.walla.co.il
Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:00 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 95ms
89ms Fetch
application/json 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=081c47489ca83eb2ae99c80e2e17d621&pvId=34d889ebb28e17a5b9fc434903834128&sid=7990615&pid=1769&idx=2&wId=199&pad=0&org=0&tm=1522&eT=0&cnsnt=no_consent&widgetWidth=865&widgetHeight=0&widgetX=535&widgetY=4074&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=444&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:00 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 759e4cd8fc0a9b6233a34f500657b452
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 17 KB
5 KB 160ms
154ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=3&rand=35011&key=NANOWDGT01&widgetJSId=HPC&va=true&et=true&format=html&t=MzRkODg5ZWJiMjhlMTdhNWI5ZmM0MzQ5MDM4MzQxMjg=&adblck=false&abwl=false&clss=RZHZjuxJkIg2ruSRO5EdgYH3nG0x%2BjbkfEAExPX8XcL5BgYT7lZ5qaNnaMefN6OZqpBtedOPf4WlIZHb&px=535&py=10488&vpd=9288&cw=865&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000897&sig=OmGPS8bW&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: db395bb59b5b8d094337eb139abd38617639c1561cf218fe76476067fdb3e80b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1663677780.457095,VS0,VE141
accept-ranges: bytes
x-served-by: cache-lga21959-LGA, cache-hhn4044-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 9740b8a01ba3615c9a8b33c9c4ca230f
content-encoding: gzip
content-length: 4559
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 5 KB
3 KB 230ms
177ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPP&key=NANOWDGT01&version=2000897&apv=false&sig=OmGPS8bW&format=html&rand=70373&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=MzRkODg5ZWJiMjhlMTdhNWI5ZmM0MzQ5MDM4MzQxMjg=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=3&lastCardIdx=0&fAB=11731-42692&layeredTestInfo=11731-42692-&clss=RZHZjuxJkIg2ruSRO5EdgYH3nG0x%2BjbkfEAExPX8XcL5BgYT7lZ5qaNnaMefN6OZqpBtedOPf4WlIZHb&dpr=1&cw=282&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000897/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 78e298b764d4cbb4a9153e9d5b34759d04657d38fa303738a454c20674694b59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1663677781.513538,VS0,VE168
accept-ranges: bytes
x-served-by: cache-lga13625-LGA, cache-hhn4044-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 7a9f8280a4e626e1cf1e876ef2c5e613
content-encoding: gzip
content-length: 2530
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ 48 KB
12 KB 46ms
32ms Script
application/javascript 104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 504103
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"607873db-c1ce"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 74daa4f0c8639225-FRA
expires: Fri, 17 Sep 2032 12:43:00 GMT

OPTIONS
H3 200 analytics
hb-dot-valuad.appspot.com/ Frame 0
0 138ms
107ms Preflight
text/html 2a00:1450:4001:806::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-request-id,x-vad-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 20 Sep 2022 12:43:00 GMT
server: Google Frontend
x-cloud-trace-context: f3be211571671c47de269ff9998b7e78
x-request-id: undefined

POST
H3 200 analytics Show response
hb-dot-valuad.appspot.com/ 16 B
35 B 144ms
141ms Fetch
application/json 2a00:1450:4001:806::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept: application/json
Referer: https://www.walla.co.il/
x-request-id: 036096b2-0c40-4249-b36f-64c4bbc3ef21
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
x-vad-version: 0.9.8
Content-Type: application/json

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
server: Google Frontend
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
x-cloud-trace-context: b48a191d3ef187e04e0bc740795b4d42
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16
x-request-id: undefined

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 78 KB
27 KB 357ms
356ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1827664075416353&correlator=2845589472883509&eid=31068457%2C31068929%2C31069671%2C31062930&output=ldjh&gdfp_req=1&vrg=2022091501&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Cyad2_rectangle_desktop%2Cshopping_rectangle%2Csport_small_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6&prev_iu_szs=120x600%7C160x600%2C320x50%7C300x400%2C320x50%7C300x250%7C300x260%2C320x50%7C300x250&fluid=0%2Cheight%2Cheight%2Cheight&ifi=17&adks=2273020712%2C1194681899%2C1073900268%2C2033830821&sfv=1-0-38&fsapi=false&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dshopping_rectangle%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dsport_small_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1663677780655&lmt=1663677780&dlt=1663677777340&idt=194&adxs=1480%2C200%2C200%2C200&adys=290%2C1027%2C1042%2C2100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C15&ucis=h%7Ci%7Cj%7Ck&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C300x0%7C300x0%7C300x0&fws=132%2C132%2C132%2C132&ohw=0%2C300%2C300%2C300&ga_vid=1449003620.1663677779&ga_sid=1663677780&ga_hid=991473083&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f55d7540916b6b057b8849e7dc9ac32b714ce6a8536cdab9af18ae29a92e0f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28019
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 39ms
23ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65910d9ad85211ab3195d9d6947901ca337e779f404344bc7209b5809d70e18c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 938491
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx624edffc7a704ef4b7af3-00631b6358
x-amz-id-2: tx624edffc7a704ef4b7af3-00631b6358
last-modified: Fri, 09 Sep 2022 16:00:45 GMT
server: cloudflare
etag: W/"831813ee9b2fc0d248741417a0e3b488"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIAF2hFC8Jgmd6Wbvw3bqH3LyI0adgRqaPbxFUv%2BK6V%2BG17kwOvZcLg2EPiBt0yUzbIabhjaD8ApACFsyQRq2%2F7mZNTLwAf5aeqA7quzdsH46gw7Bl%2FDWVcHqqJCo96Q4BnJps1Wb8wJFKQ1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1662739245061580
cf-ray: 74daa4f16f17bc03-FRA
access-control-allow-headers: Authorization

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 9ms
8ms Image
image/png 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1662969049.940408"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Thu, 20 Oct 2022 12:43:00 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 88ms
88ms Fetch
application/json 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=4cdb532dc7c05167200a0f34b1f3a6e5&pvId=34d889ebb28e17a5b9fc434903834128&sid=7990615&pid=1769&idx=3&wId=127&pad=0&org=0&tm=1774&eT=0&cnsnt=no_consent&widgetWidth=865&widgetHeight=44&widgetX=535&widgetY=10547&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=238&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:00 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: ffc1961d42f6c32e054553972b628ac5
Content-Length: 4
Expires: 0

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000897/module/ 503 B
667 B 15ms
15ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000897/module/singleAnimationOnFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cccfbd3200304986084060cff977059fbd45ff060bfc8a6f1e11e23639fd7453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 09:35:33 GMT
server: AkamaiNetStorage
etag: "c5a65481963146ee65d941ed5d1f371c:1663583061.129903"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 339
expires: Tue, 20 Sep 2022 16:43:00 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 86ms
86ms Fetch
application/json 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=62f489c8a591aec78f029bbd92b8dea5&pvId=34d889ebb28e17a5b9fc434903834128&sid=7990615&pid=1769&idx=4&wId=1515&pad=0&org=0&tm=1795&eT=0&cnsnt=no_consent&widgetWidth=282&widgetHeight=0&widgetX=209&widgetY=939&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=259&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:00 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: ff4847f74751165bfc1ce35b291a2213
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 22 KB
3 KB 207ms
207ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPC&key=NANOWDGT01&version=2000897&apv=false&sig=OmGPS8bW&format=html&rand=35606&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=MzRkODg5ZWJiMjhlMTdhNWI5ZmM0MzQ5MDM4MzQxMjg=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=3&lastIdx=4&lastCardIdx=0&fAB=11741-0&layeredTestInfo=11741-0-&clss=RZHZjuxJkIg2ruSRO5EdgYH3nG0x%2BjbkfEAExPX8XcL5BgYT7lZ5qaNnaMefN6OZqpBtedOPf4WlIZHb&dpr=1&cw=865&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000897/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2a39133c327084cfa0af848cc96c5b4f8ee2755150b74b65b743d1492ab5e43e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1663677781.722865,VS0,VE199
accept-ranges: bytes
x-served-by: cache-lga21957-LGA, cache-hhn4044-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 40413f3fc934c9bd9409488e92cdb557
content-encoding: gzip
content-length: 3184
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 5D95 0
335 B 40ms
39ms Document
text/html 104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 74daa4f1899b9225-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:00 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

200

c78d34d8bca6f4128348c719eaa4f4 Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 8A4D
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/c78d34d8bca6f4128348c719eaa4f4

0
376 B

39ms
39ms

Document
text/html

104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/c78d34d8bca6f4128348c719eaa4f4
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 74daa4f29b409225-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:00 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Tue, 20 Sep 2022 12:43:00 GMT
Expires: Tue, 20 Sep 2022 12:43:00 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/c78d34d8bca6f4128348c719eaa4f4
Pragma: no-cache
Server: nginx
x-sticky-vk: 1663677780826027-591

GET
H3 200 container.html Show response
0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7801 6 KB
3 KB 45ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:00 GMT
expires: Wed, 20 Sep 2023 12:43:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 993F 6 KB
3 KB 82ms
63ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:00 GMT
expires: Wed, 20 Sep 2023 12:43:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A2F4 6 KB
3 KB 77ms
62ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:00 GMT
expires: Wed, 20 Sep 2023 12:43:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B5A4 6 KB
3 KB 33ms
22ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:00 GMT
expires: Wed, 20 Sep 2023 12:43:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2260 6 KB
3 KB 72ms
64ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:00 GMT
expires: Wed, 20 Sep 2023 12:43:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 v1
match.sharethrough.com/universal/ Frame E17D 0
0 93ms
9ms Document
text/plain 52.29.139.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.139.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-139-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT

GET
H2

200

Yt01Ciiz1XOm3yWnFuKm Show response
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame AEED
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Yt01Ciiz1XOm3yWnFuKm?pi=smilewanted&tc=1

0
389 B

32ms
32ms

Document
text/html

104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Yt01Ciiz1XOm3yWnFuKm?pi=smilewanted&tc=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 74daa4f2cb939225-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:00 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Tue, 20 Sep 2022 12:43:00 GMT Tue, 20 Sep 2022 12:43:00 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Yt01Ciiz1XOm3yWnFuKm?pi=smilewanted&tc=1
pragma: no-cache

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7801 0
0 63ms
62ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPVZhVLUpY-uRGrfD7_UP0J2ioAXJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE6QFP0PnQHR-EpJDCWwQcTeQsB0wcCHEUs0ARHkTnKFc1otbGsKO5KU_un8EGC-bLgt7P8LlKgxZDBbRRWx0tZ2A_QjSq_L4jmsHGJPswFOR8HJGq4VPYr3ObpWuh6stvwMkukUbEmGMari6CwMjdUjGYwETbhieb3qG5DF2oDd3iQw6vMZ93El9HCecdUkBDVCQ8yE5oHU88EHecn8J-nZ_b9Y_IUAbqSUpBljGhOSr5LfF5-JSDZipGO98skHXt_y-fSK1jJoCVslJzwEUuOwEke66N7roc2QEKY9uRjUVJ1DvHAYct2ZPmkuAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ5MTY1OTQ5NjM3MjE3Mhjx5hM&sigh=QIej4CzJGOk&uach_m=[UACH]&cid=CAQSPACsnQUxB3mU_RaXgDwoF6rbOkqIGJknL9YANfCZA9cHydy6PKbK-yWIU_ohXE_0qzhpiQVP4_7eraOgnhgB
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 7801 0
0 72ms
34ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFOv_CsoH-gGdg2ICAgAAADemvdp8_LmJUwfGnKm6Zz0QU7UpY4HSR4425lnqYxtWABIAAA&wp=Yym1VAAGiOsIu-G3AAiO0IS-J6x7zJHNSTCB_w

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 120607
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame F8D8 179 KB
55 KB 211ms
148ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym1VAAGiOsIu-G3AAiO0IS-J6x7zJHNSTCB_w&u=%7CTWikUgAWzVjCJw6y44bEzy7TGaiZ0MOUsdZBqgkQTlo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gau617uSy9WvduFV_Sv0yVFoC-gBJblvvbiBJAJA9x09lGrEANNZlP7SqOqVCevq2j5SpejYl1PP6UWz_-x93X-kKub9XOC87Vp7g517GeuOyxi5wJs3heEg3W3qL5T5J_1tkrSZRpUjaEp6Y0oRTHOnXQkQzOCLQgSEvWg1uk-kS7Mv4X82FkVJYAN-TXQwh1MCbqgbqYEzhZdUAJ5aJ8MXuEwE6RB1laaeWTW_AUY0WQH9_T6VTFgqiLp-Lskuwz8aHRAcM0xyfpY3GV0zo0m1nw6jRc7KgXRc4XN6JOLy_fcEfYzV1eqfUcPxXAW3pJ4IKEvcAZfnnSGnCtViy-XF5Kyp694gBvmUXDcLN5CmyRI21aKFp96DuiNdX2h1vDQmka59H9VcOtV6clv8drH8YV5YFB3q-IcG-ZdUXrQoqvgcsceb2S4S7vERQxzzht3jIf5eH3l9Od9M0dhayqpak1aSvX1OmZkADrhZ5Q_pGFMb3ZUlqlo_vBQ7ZCq-hJOJ5-v0H3nl4Oe_x5d1iXfKIe-IYe-paE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzhFDVLUpY-uRGrfD7_UP0J2ioAXJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE7AFP0PnQHR-EpJDCWwQcTeQsB0wcCHEUs0ARHkTnKFc1otbGsKO5KU_un8EGC-bLgt7P8LlKgxZDBbRRWx0tZ2A_QjSq_L4jmsHGJPswFOR8HJGq4VPYr3ObpWuh6stvwMkukUbEmGMari6CwMjdUjGYwETbhieb3qG5DF2oDd3iQw6vMZ93El9HCecdUkBDVCQ8yE5oHU88EHecn8J-nZ_b9Y_IUAbqSUpBljGhOSr5LfF5-JSDZipGO98skHXt_y-fSK0hJKEHNd3v0_qyL6L0Rgh1564Wbwske1klRXjvJoTZLZ-ocxf1LcI7OuAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MZxIohARBKCvyDfeHLk6PKubTRg%26client%3Dca-pub-4491659496372172%26adurl%3D

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ad2e4c229b13973263d0f93760d96d0abc83e94c5ee7f8101002d60e5a98d87b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:00 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=3tfl57BJsU4rBnsx-g7GHTn6CXsF8jFbZXkhaV9dcNy44GfRoerIANOa2MgYSr93Qj_laYqLa4k6Dg9pUGK9RggaBrza8J5zDeqVxC0Mde-08E_VPRUMP-9_bQezX_aF73npX-0JV4DqC7GNnTUgf3PmjFS1CRRdn3p3YBS8kmhH2cSpWKPX41VYQ0DFdGvNzniXxnZV-HNE65Xxk_Z8oaTfBiRikpMujEqddWfVIYZd2tz2OhKSh_MJga5XfQPWgr3tkg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 135067725
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 7801 3 KB
1 KB 98ms
31ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:31:50 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F067 1 KB
1 KB 87ms
23ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76276
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 15:31:44 GMT
etag: 48472445140208031
expires: Tue, 20 Sep 2022 15:31:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 7801 17 KB
8 KB 75ms
11ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:40:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7801 0
0 57ms
24ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvYnhDwkasNOf9tmtOtAe09I87hEAdn9H5xDthvPpxOILY-qBArOl29G_9T_pfhWegUXpUnukEaHuMUZHh5tzBh6iJ1w
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7801 22 KB
7 KB 75ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Sep 2023 09:55:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7801 140 KB
44 KB 61ms
31ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Sep 2022 12:43:00 GMT

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame FFFF
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=6f422dd2eeeb0011dd32bcb9da9bfb2c

43 B
1 KB

38ms
35ms

Document
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=6f422dd2eeeb0011dd32bcb9da9bfb2c

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid: c42898d6-8b0b-47ca-961e-c795899c4c5c
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 20 Sep 2022 12:43:00 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 37.58.58.250; 37.58.58.250; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 74daa4f2bb6d9225-FRA
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:00 GMT
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=6f422dd2eeeb0011dd32bcb9da9bfb2c
server: cloudflare

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B5A4 22 KB
7 KB 51ms
15ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Sep 2023 09:55:30 GMT

GET
H3

200

3664297453309006094
tpc.googlesyndication.com/simgad/ Frame B5A4
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssUy-6HeRRBe7QNFRp0QReOEK3M_aqHw0L3kNd78pMZxAH8ZEFJjCuhebVxXPZHFafgnob7zKdoeULpnJVY1a1aB25UxA0b23Mj1i5BXCSQRpt-lBlDgA2rGK_4bmzODVVlSQdEW...
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
https://tpc.googlesyndication.com/simgad/3664297453309006094

924 B
951 B

16ms
14ms

Image
image/png

2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3664297453309006094

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 19:57:28 GMT
x-content-type-options: nosniff
age: 405933
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 924
x-xss-protection: 0
last-modified: Sat, 15 Apr 2017 10:38:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Sep 2023 19:57:28 GMT

Redirect headers

date: Mon, 19 Sep 2022 19:04:06 GMT
x-content-type-options: nosniff
server: cafe
age: 63535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/3664297453309006094
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Oct 2022 19:04:06 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A2F4 22 KB
7 KB 54ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Sep 2023 09:55:30 GMT

GET
H3

200

3664297453309006094
tpc.googlesyndication.com/simgad/ Frame A2F4
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsu3n2toM-xDSUrboWJcNVGDWYjxn_OiEGe1xFqZdRsnOtVDWk3v8VPw28mVDaoMVgK1SgytTJfEajUgSdM6mvJXuPYFfKafGL4uBX4TMYTdyOCH0fdNtOjMuQXiGaRoESbwkPJmX...
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
https://tpc.googlesyndication.com/simgad/3664297453309006094

924 B
951 B

17ms
14ms

Image
image/png

2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3664297453309006094

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 19:57:28 GMT
x-content-type-options: nosniff
age: 405933
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 924
x-xss-protection: 0
last-modified: Sat, 15 Apr 2017 10:38:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Sep 2023 19:57:28 GMT

Redirect headers

date: Mon, 19 Sep 2022 19:04:06 GMT
x-content-type-options: nosniff
server: cafe
age: 63535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/3664297453309006094
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Oct 2022 19:04:06 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 993F 0
0 61ms
60ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cu6N7VLUpY-yRGrfD7_UP0J2ioAXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyoAHVttLqA8gBCakCGQyb5wbTsD7gAgCoAwGqBPABT9CHLWEIDxWyR8fkwXi1D2NtYKadmUM26amwIYYnUhaP2PSNB4gFW2-YuSXIQpbv9Ab2kdtQhH247I5PJeQcuIGlY_9Ac3nLxjO6JJ1daWRD0aEn0CwbYelgM6omjmyIZzB2dU5fKvGsNMjoLtiqAaaKFDwP0wOcpRx30xbWIYIWQDsNMoJovMJ9DUDIFpNwhG267clJs9hoFkAbVZn-8CasYDc5dglxRBq5-e5HGbZUjip0kdoYzpGeALWXUuxAag7Ex0giojeffbotJ3YeP48B154xNI7DZnnfKU_EXneNDbjej8Vugz54C9HoM5ft4AQBgAbW2ZmMt-2TjJYBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=IZyM7IYK2bQ&uach_m=[UACH]&cid=CAQSPACsnQUxB3mU_RaXgDwoF6rbOkqIGJknL9YANfCZA9cHydy6PKbK-yWIU_ohXE_0qzhpiQVP4_7eraOgnhgB
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 993F 0
0 241ms
16ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k_mbC5PxG6wCyAGdg2ICAgAAALjck6Iuirl4UwfGnKm6Zz0QVLUpY6TFNWkJ9msRZZPbABIAAA&wp=Yym1VAAGiOwIu-G3AAiO0MnMWwAb_ayToQZ-iQ

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 324560
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D40D 218 KB
60 KB 221ms
195ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym1VAAGiOwIu-G3AAiO0MnMWwAb_ayToQZ-iQ&u=%7CTWikUgAWzVjFcrtgHufdRHdJRZ3AeOVKyQhO0IFcAmY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANTdjJFUnbHmDD4JrKCRuByX4xBS6ln5kM-X0LPZn_TEoRJnK1ikCXt7ZgHH_FsKuTBNpt7UKi8fjyuZz4WqTWO-7wBY-ytvH4ZkelGhe1phVNrKEolYodGgi6V7Coc4zdaUjhYbO58XZEIGHWePNBtNTvcgouhwWOlQK0OdYE8vGuQg0Rgt_CtQhNFoIxhd_DWtc6i_scW79o_HgaE-TvA6O9PB0kvzQAbKBTS9ABvbgZSkGuqhXYdDWySJVf9urfcJ0wC2ba43vrRwxPJKRhRDaNa_2SGpZ3OxsV48F6tnVjbkApwZSXD2th6ryGZq395DJjb5W40TB1DoSuL-NSy9RgB_txke00zzf-wWcfAe8POi3os3z-sTE-_n5Ir8xMgcnM-RuYTZ8Ub60c4ZCdBIW_HdESQOWZECWAwuunN-JN2qohsQFGgepGyo2FsGmsTp-zXW1mE_5BBSRQXr2-U1xlIAcUE70BcrPTwT2dt1WiNkYF34eSOPhe2NORZGPCIxmT_wGtfQAl30KkVJIt-kpACBtEgBYjEkdcNlFvGrTlgqpALh0yTc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgGv8VLUpY-yRGrfD7_UP0J2ioAXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyoAHVttLqA8gBCakCGQyb5wbTsD7gAgCoAwGqBPMBT9CHLWEIDxWyR8fkwXi1D2NtYKadmUM26amwIYYnUhaP2PSNB4gFW2-YuSXIQpbv9Ab2kdtQhH247I5PJeQcuIGlY_9Ac3nLxjO6JJ1daWRD0aEn0CwbYelgM6omjmyIZzB2dU5fKvGsNMjoLtiqAaaKFDwP0wOcpRx30xbWIYIWQDsNMoJovMJ9DUDIFpNwhG267clJs9hoFkAbVZn-8CasYDc5dglxRBq5-e5HGbZUjip0kdoYzpGeALWXUuxAag7Ex0giojefffgvBuSZsBMSaAIll17-wIHWPUVyVFmVjwwWsmOcPCBUE1RCt4RS3dG44AQBgAbW2ZmMt-2TjJYBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Mk3SpW7Ay3IrxEUaIZ_57kz0gsg%26client%3Dca-pub-4491659496372172%26adurl%3D

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

df4b7c064d227babc2598ad22eca581b10206a07a63f4e050c6a82f1742a8154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:00 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=GwwbXbBJsU4rBnsxCBCtbf4Sw0g2kZ66hxMbOkQkb_8DRaNoXXOykYGxr8_IQ9lRB5HPcOWb8aBAKcec4tzg-vUbZ_pICmegWMhfEoK0UfHHLUehyW7wUFQPt_Gc-37-6UtYhT7huMONt3sUtQSCdJk5XZ17WwMSA2SRb9isv_qOZ3R_wfzUAMzf8q3sc2CWn5OKjXZUmi6O-nZUz--cszrSGSC2PdALXB_xtRGn3bsSTF7_XQTWewagh_-vQkpDLEnwgg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 173693376
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 993F 3 KB
1 KB 58ms
32ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:31:50 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0C66 1 KB
783 B 50ms
24ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76276
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 15:31:44 GMT
etag: 48472445140208031
expires: Tue, 20 Sep 2022 15:31:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 993F 17 KB
7 KB 50ms
26ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:40:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 993F 0
0 24ms
22ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSw5NvqwZfMEsLmOzQjiP7ydQgym19xPsy3MEyKVgwOiGpnSFZU6Ky6XUPtg576oRlF-ULluGsfskQXfk52zBP4PR2Fvw
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 993F 22 KB
7 KB 53ms
29ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Sep 2023 09:55:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 993F 140 KB
44 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Sep 2022 12:43:00 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2260 22 KB
7 KB 51ms
28ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Sep 2023 09:55:30 GMT

GET
H3

200

3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 2260
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsuJMg5gYNH5qztd89CR2uT4Ky6kHZzSvhLVTcfx59ueda3GQvNVS1MB-46G3oeypq-CGcjRYKdIv9GLOQonAwzBEfuqitWmnxgs43zaaaHdKqfDPqcImnDWBPipwnsnuUjrMLfJP...
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
https://tpc.googlesyndication.com/simgad/3664297453309006094

924 B
951 B

15ms
14ms

Image
image/png

2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3664297453309006094

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 19:57:28 GMT
x-content-type-options: nosniff
age: 405933
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 924
x-xss-protection: 0
last-modified: Sat, 15 Apr 2017 10:38:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Sep 2023 19:57:28 GMT

Redirect headers

date: Mon, 19 Sep 2022 19:04:06 GMT
x-content-type-options: nosniff
server: cafe
age: 63535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/3664297453309006094
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Oct 2022 19:04:06 GMT

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 53F0 1 KB
824 B 74ms
29ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74daa4f32df29b40-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:01 GMT
server: cloudflare

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 88ms
87ms Fetch
application/json 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=e197416c00e3c3ab7d9b4b80c58a60f1&pvId=34d889ebb28e17a5b9fc434903834128&sid=7990615&pid=1769&idx=5&wId=1515&pad=0&org=0&tm=2014&eT=0&cnsnt=no_consent&widgetWidth=865&widgetHeight=0&widgetX=535&widgetY=10760&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=215&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:01 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 568fbd968db1569c6f5d05a8d17aaf3b
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 94ms
86ms Fetch
application/json 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=cfae0398e7167908af4c6903865c50f7&pvId=34d889ebb28e17a5b9fc434903834128&sid=7990615&pid=1769&idx=6&wId=1515&pad=0&org=0&tm=2045&eT=0&cnsnt=no_consent&widgetWidth=865&widgetHeight=0&widgetX=535&widgetY=10760&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=215&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:01 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: b835a8b1e603dc048da375e80a3df181
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 97ms
87ms Fetch
application/json 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=5e8e9ab937e0b4dcdf0e74b85f94cac2&pvId=34d889ebb28e17a5b9fc434903834128&sid=7990615&pid=1769&idx=7&wId=1515&pad=0&org=0&tm=2046&eT=0&cnsnt=no_consent&widgetWidth=865&widgetHeight=0&widgetX=535&widgetY=10760&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=215&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:01 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 9fe907674a9628de77a3c7fa30cb21c1
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 175ms
91ms Fetch
application/json 64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=ff28f498f5b6cd6e8c7ded1d61d29fa2&pvId=34d889ebb28e17a5b9fc434903834128&sid=7990615&pid=1769&idx=8&wId=1526&pad=0&org=0&tm=2048&eT=0&cnsnt=no_consent&widgetWidth=865&widgetHeight=0&widgetX=535&widgetY=10760&wRV=2000897&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=215&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.255 Lovettsville, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:01 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 9498e60c9defca511bce9991878c65af
Content-Length: 4
Expires: 0

GET
H/1.1

200
OK

getuid Show response
sync.smartadserver.com/ Frame 1A0E
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

0
75 B

33ms
17ms

Document
text/plain

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Tue, 20 Sep 2022 12:43:00 GMT

Redirect headers

cache-control: no-cache,no-store
content-length: 0
date: Tue, 20 Sep 2022 12:43:01 GMT
location: https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

GET
DATA 200
OK truncated
/ Frame 7801 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bf42a9f14896ece856eb034c5ba11ea64510af184bdbd2e8d694888280db814

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

ca0c24c8-4c64-4f7c-8b60-2c476a99ee70&partner_id=1010 Show response
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 0670
Redirect Chain

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
https://csync.smilewanted.com/set_partner_userid_get/improve/ca0c24c8-4c64-4f7c-8b60-2c476a99ee70&partner_id=1010

0
468 B

64ms
39ms

Document
text/html

104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/improve/ca0c24c8-4c64-4f7c-8b60-2c476a99ee70&partner_id=1010
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 74daa4f53fa19225-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:01 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Tue, 20 Sep 2022 12:43:01 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/improve/ca0c24c8-4c64-4f7c-8b60-2c476a99ee70&partner_id=1010
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
DATA 200
OK truncated
/ Frame 993F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18c65bad0be42d71b17ffeacb17bbbd0b718effdbe51213162080d2782f033f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 28CC 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:00 GMT
expires: Wed, 20 Sep 2023 12:43:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 379C 6 KB
3 KB 16ms
16ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:00 GMT
expires: Wed, 20 Sep 2023 12:43:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D609 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:00 GMT
expires: Wed, 20 Sep 2023 12:43:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9450 6 KB
3 KB 16ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:00 GMT
expires: Wed, 20 Sep 2023 12:43:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame C294 0
0 61ms
9ms Document
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 704c1e4d3fcc922a3031d436b584678b

GET
DATA 200
OK truncated
/ Frame B5A4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a821cefa9957d30f453a9293f124f3b655b2cdcfde2962457caf7ac88fa5389

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A2F4 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9d54a768cb06dcb463536f827acc09d9de85aeee012ff6029dea4077c624636

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F067 70 B
265 B 183ms
41ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENkiWkOd6o_Hz5OoHOoFfL4&google_cver=1&google_push=AZmPxg_mpRIZG6ec61eUPyPlf4o1Yya931vuiRETkBafgrcV3Xkpy3vnt0YVqDNk36M_zdAz1gNi04LPwBElNZBJCxR3QZkQZnQ
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F067
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECVedt_Qg0Yzw5EAzWUey7s&google_cver=1&google_push=AZmPxg-aoxtWy7pUu32PG7iF9laKQq_8xpkxrzfRp4bubmiLWFdJKSHx2nLFoiKXShTrhcaM19gro9wrS0lj96...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NTQ0MTY2MDQ4MzY2NDAyNQ%3D%3D&google_push=AZmPxg-aoxtWy7pUu32PG7iF9laKQq_8xpkxrzfRp4bubmiLWFdJKSHx2nLFoiKXShTrhcaM19gro9wrS0lj96OWBV...

170 B
188 B

93ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NTQ0MTY2MDQ4MzY2NDAyNQ%3D%3D&google_push=AZmPxg-aoxtWy7pUu32PG7iF9laKQq_8xpkxrzfRp4bubmiLWFdJKSHx2nLFoiKXShTrhcaM19gro9wrS0lj96OWBVW6ZjuRIKw

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NTQ0MTY2MDQ4MzY2NDAyNQ%3D%3D&google_push=AZmPxg-aoxtWy7pUu32PG7iF9laKQq_8xpkxrzfRp4bubmiLWFdJKSHx2nLFoiKXShTrhcaM19gro9wrS0lj96OWBVW6ZjuRIKw
Date: Tue, 20 Sep 2022 12:43:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F067
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEBmrmwXmEumVK9MxLOHYV8&google_cver=1&google_push=AZmPxg-Ezz4opyvusaOopc4w-BN6GWyntGIkknFyrb0681pnIA9IpMjyZAGKsq8JdC4fl8n7VB1kgwpET4HNIetD_K00Rds...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-Ezz4opyvusaOopc4w-BN6GWyntGIkknFyrb0681pnIA9IpMjyZAGKsq8JdC4fl8n7VB1kgwpET4HNIetD_K00RdsI1u0&google_hm=MjE1MTE2MTM2ODc0Mzk5NzE1

170 B
188 B

43ms
36ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-Ezz4opyvusaOopc4w-BN6GWyntGIkknFyrb0681pnIA9IpMjyZAGKsq8JdC4fl8n7VB1kgwpET4HNIetD_K00RdsI1u0&google_hm=MjE1MTE2MTM2ODc0Mzk5NzE1

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Sep 2022 12:43:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-Ezz4opyvusaOopc4w-BN6GWyntGIkknFyrb0681pnIA9IpMjyZAGKsq8JdC4fl8n7VB1kgwpET4HNIetD_K00RdsI1u0&google_hm=MjE1MTE2MTM2ODc0Mzk5NzE1
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame F067 0
166 B 159ms
18ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPmyHLdNszFMXJBdjyN0PE4&google_cver=1&google_push=AZmPxg-iKgwDuf_8Fg8x7v5oRMdaLoXx-AaGj6bi_NyX_T2buOjzyQwDV_A0WMln-AW1u1kqlc3GljFWrdRKFhpe48H7YT8Kx-U
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F067
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFqQcLHtIiKOgfrAES2zId0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFqQcLHtIiKOgfrAES2zId0&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFqQcLHtIiKOgfrAES2zId0&google_hm=Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB&google_nid=index&google_push=AZmPxg_4-HQPltxy-ZKi3LQ9iOBl7K01PU-av...

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFqQcLHtIiKOgfrAES2zId0&google_hm=Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB&google_nid=index&google_push=AZmPxg_4-HQPltxy-ZKi3LQ9iOBl7K01PU-avwGNbyuMbMHf5Rqa2lCkaG7s6jmzIQ41_bf9dVpEvfZpl28xyx8wpeSc3Bb_DCg

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLwpymLVAGV2kB9lOC12iHmLQ35%2Ff8PRsV1GoXrxjA%2BpYP3gz3sgfH0pKGP3lbFFHQlbWOTDT4zrp9bqsOY4NhesXfB5ZYOGXmVVQ02uxeM4pJlrUagUfyL6crHAIyVHa7p20u1F3aOnGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFqQcLHtIiKOgfrAES2zId0&google_hm=Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB&google_nid=index&google_push=AZmPxg_4-HQPltxy-ZKi3LQ9iOBl7K01PU-avwGNbyuMbMHf5Rqa2lCkaG7s6jmzIQ41_bf9dVpEvfZpl28xyx8wpeSc3Bb_DCg
cache-control: no-cache
cf-ray: 74daa4f52a539bd6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F067
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEA-37ww6vqhDaswVeqTXyIo&google_cver=1&google_push=AZmPxg87oTzWNph8Q-Z_uamUHLIh0FyLqnSEmfOlO_M153Rj0uH38z8ID4ervaJl0E7SKwiaibix4zp3hK9_JY7fFKjG6HwRgq0
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg87oTzWNph8Q-Z_uamUHLIh0FyLqnSEmfOlO_M153Rj0uH38z8ID4ervaJl0E7SKwiaibix4zp3hK9_JY7fFKjG6HwRgq0...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk4MjM5MTA5NzE4NDczMDQ4ODI5Ng%3D%3D&google_push=AZmPxg87oTzWNph8Q-Z_uamUHLIh0FyLqnSEmfOlO_M153Rj0uH38z8I...

170 B
188 B

43ms
35ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk4MjM5MTA5NzE4NDczMDQ4ODI5Ng%3D%3D&google_push=AZmPxg87oTzWNph8Q-Z_uamUHLIh0FyLqnSEmfOlO_M153Rj0uH38z8ID4ervaJl0E7SKwiaibix4zp3hK9_JY7fFKjG6HwRgq0

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk4MjM5MTA5NzE4NDczMDQ4ODI5Ng%3D%3D&google_push=AZmPxg87oTzWNph8Q-Z_uamUHLIh0FyLqnSEmfOlO_M153Rj0uH38z8ID4ervaJl0E7SKwiaibix4zp3hK9_JY7fFKjG6HwRgq0
date: Tue, 20 Sep 2022 12:43:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame F067 0
75 B 417ms
18ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDcDXKvCmQFkoN3KocLD4RQ&google_cver=1&google_push=AZmPxg-7-vRbrDDYeeB4fqXaRvpw2CNogA4RqPRxrFYry_wyau_SKGwyLkZ7YIqY4uTy2BrlZeItXbs0UtzmFwNOmrYwHdqlzL4
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F067 0
49 B 112ms
41ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J2cYoqYvXU8taNisoTJAa4ajFjWrmv3b9WLpbNHOHchevQpTtukoen8lZWKuKlp09yHWso

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 2260 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b753f4cd2bcbd89996963103ebad605d067634972737d6cec1de406c7cdde7d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 0C66
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEG5-V4_v9Pw5RLqHTGHFjJc&google_cver=1&google_push=AZmPxg-DXwOLs7RTsfdd4Pxsy0YW2oB8duswP6A_2mSmh_ydegWKAjPlrZVOqwIErsBOZefzUt3_82Q9B2elV_SvHeaRSxhRucw&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG5-V4_v9Pw5RLqHTGHFjJc&google_cver=1&google_push=AZmPxg-DXwOLs7RTsfdd4Pxsy0YW2oB8duswP6A_2mSmh_ydegWKAjPlrZVOqwIErsBOZefzUt3_82Q9B2elV_SvHeaRSxhRucw...

43 B
412 B

199ms
190ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG5-V4_v9Pw5RLqHTGHFjJc&google_cver=1&google_push=AZmPxg-DXwOLs7RTsfdd4Pxsy0YW2oB8duswP6A_2mSmh_ydegWKAjPlrZVOqwIErsBOZefzUt3_82Q9B2elV_SvHeaRSxhRucw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-DXwOLs7RTsfdd4Pxsy0YW2oB8duswP6A_2mSmh_ydegWKAjPlrZVOqwIErsBOZefzUt3_82Q9B2elV_SvHeaRSxhRucw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
cf-ray: 74daa4f61dc4bb8c-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 213
cf-ray: 74daa4f49a38bb8c-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEG5-V4_v9Pw5RLqHTGHFjJc&google_cver=1&google_push=AZmPxg-DXwOLs7RTsfdd4Pxsy0YW2oB8duswP6A_2mSmh_ydegWKAjPlrZVOqwIErsBOZefzUt3_82Q9B2elV_SvHeaRSxhRucw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-DXwOLs7RTsfdd4Pxsy0YW2oB8duswP6A_2mSmh_ydegWKAjPlrZVOqwIErsBOZefzUt3_82Q9B2elV_SvHeaRSxhRucw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0C66 0
191 B 168ms
38ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJxd_UPCNQxxhuDxIPtTObc&google_cver=1&google_push=AZmPxg95hfBzLtQPd3_F7rBzcruuNQ8SkSQJFjrI31hxFIPcfErs8LxgwFeYpwqo5SPk7ZWOismW8ywQb2o7pVyP5OCuCkS2yYE
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:00 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C66
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGzsSFXs-109ei6XoXVSuGo&google_cver=1&google_push=AZmPxg-d5kXMkBznQmkkiPWwggY67nqh9mZWLO3x5qVK8x6eW5Ko6cdmqOK1xddqO6IZyWtoDLXiKhjdFrUaDxvx...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=K1vZoPv8T1GywBIWJo7hnw2&google_push=AZmPxg-d5kXMkBznQmkkiPWwggY67nqh9mZWLO3x5qVK8x6eW5Ko6cdmqOK1xddqO6IZyWtoDLXiKhjdFrUaDxvx8UMLbGTCBfw

170 B
188 B

27ms
27ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=K1vZoPv8T1GywBIWJo7hnw2&google_push=AZmPxg-d5kXMkBznQmkkiPWwggY67nqh9mZWLO3x5qVK8x6eW5Ko6cdmqOK1xddqO6IZyWtoDLXiKhjdFrUaDxvx8UMLbGTCBfw

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Sep 2022 12:43:01 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=K1vZoPv8T1GywBIWJo7hnw2&google_push=AZmPxg-d5kXMkBznQmkkiPWwggY67nqh9mZWLO3x5qVK8x6eW5Ko6cdmqOK1xddqO6IZyWtoDLXiKhjdFrUaDxvx8UMLbGTCBfw
x-host: tde-deliveryengine-production-646f888bdc-bz2f5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C66
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEBmrmwXmEumVK9MxLOHYV8&google_cver=1&google_push=AZmPxg_uW6Pa3LMD7V2Z3a99NTY27U58EFyAlBqrJzltCCppGNwwoUwCPiQmmJ8AH1Os3z9mmHg70Ghi-Jonsj5iPsOdtaJ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_uW6Pa3LMD7V2Z3a99NTY27U58EFyAlBqrJzltCCppGNwwoUwCPiQmmJ8AH1Os3z9mmHg70Ghi-Jonsj5iPsOdtaJobhM&google_hm=NDEyNjU3MjI0OTc2Nzc4NDE...

170 B
188 B

43ms
35ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_uW6Pa3LMD7V2Z3a99NTY27U58EFyAlBqrJzltCCppGNwwoUwCPiQmmJ8AH1Os3z9mmHg70Ghi-Jonsj5iPsOdtaJobhM&google_hm=NDEyNjU3MjI0OTc2Nzc4NDE2Mw%3D%3D

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Sep 2022 12:43:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_uW6Pa3LMD7V2Z3a99NTY27U58EFyAlBqrJzltCCppGNwwoUwCPiQmmJ8AH1Os3z9mmHg70Ghi-Jonsj5iPsOdtaJobhM&google_hm=NDEyNjU3MjI0OTc2Nzc4NDE2Mw%3D%3D
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C66
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAG9AOfZdCI9qQ7lmUFV90s&google_cver=1&google_push=AZmPxg8fI32SVUrMLuUHj_HsTPTe5KjOkFHcPOIdn4zo3YGNmPZ_bFjNUEo_KfOZnX3whxN1Le7zAUrpamfF...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8fI32SVUrMLuUHj_HsTPTe5KjOkFHcPOIdn4zo3YGNmPZ_bFjNUEo_KfOZnX3whxN1Le7zAUrpamfF5Ld01TIgCkXMZiU

170 B
188 B

94ms
28ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8fI32SVUrMLuUHj_HsTPTe5KjOkFHcPOIdn4zo3YGNmPZ_bFjNUEo_KfOZnX3whxN1Le7zAUrpamfF5Ld01TIgCkXMZiU

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8fI32SVUrMLuUHj_HsTPTe5KjOkFHcPOIdn4zo3YGNmPZ_bFjNUEo_KfOZnX3whxN1Le7zAUrpamfF5Ld01TIgCkXMZiU
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C66
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg8YX-slmQyeGPhk0qUPFhynFbcbIF4Nat9f5B7KSTtuV8ZtV0Gt1MF2-PBb5fTy-eyT8HP465zrVwROR88qOckH730SQtk&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-4626b40a-488b-485d-9cd5-c06ab77d095c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg8YX-slmQyeGPhk0qUPF...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8YX-slmQyeGPhk0qUPFhynFbcbIF4Nat9f5B7KSTtuV8ZtV0Gt1MF2-PBb5fTy-eyT8HP465zrVwROR88qOckH730SQtk&google_hm=A0YmtApIi0hdnNXAard9CVw

170 B
188 B

27ms
27ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8YX-slmQyeGPhk0qUPFhynFbcbIF4Nat9f5B7KSTtuV8ZtV0Gt1MF2-PBb5fTy-eyT8HP465zrVwROR88qOckH730SQtk&google_hm=A0YmtApIi0hdnNXAard9CVw

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg8YX-slmQyeGPhk0qUPFhynFbcbIF4Nat9f5B7KSTtuV8ZtV0Gt1MF2-PBb5fTy-eyT8HP465zrVwROR88qOckH730SQtk&google_hm=A0YmtApIi0hdnNXAard9CVw
date: Tue, 20 Sep 2022 12:43:01 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX4626b40a488b485d9cd5c06ab77d095c003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C66
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDFzc-HeEAqfj-uHaWqqn2g&google_cver=1&google_push=AZmPxg-jArxCB68oxqP_1ELl7tccDMTLju5Qm2AeMfJyLR3ZBneWZaw9TD9FWBvgJOkWjs9_O7...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDFzc-HeEAqfj-uHaWqqn2g&google_cver=1&google_push=AZmPxg-jArxCB68oxqP_1ELl7tccDMTLju5Qm2AeMfJyLR3ZBneWZaw9TD9FWBvgJOkWjs9_O7...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03anZ4NXdwRTJ1SDJaSGFfbjA2VVM2Nkk3NUhocEsxNX5B&google_push=AZmPxg-jArxCB68oxqP_1ELl7tccDMTLju5Qm2AeMfJyLR3ZBneWZaw9T...

170 B
188 B

43ms
36ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03anZ4NXdwRTJ1SDJaSGFfbjA2VVM2Nkk3NUhocEsxNX5B&google_push=AZmPxg-jArxCB68oxqP_1ELl7tccDMTLju5Qm2AeMfJyLR3ZBneWZaw9TD9FWBvgJOkWjs9_O7zCGDnc8EYjBuqmDPH0uyA7dOqm

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS03anZ4NXdwRTJ1SDJaSGFfbjA2VVM2Nkk3NUhocEsxNX5B&google_push=AZmPxg-jArxCB68oxqP_1ELl7tccDMTLju5Qm2AeMfJyLR3ZBneWZaw9TD9FWBvgJOkWjs9_O7zCGDnc8EYjBuqmDPH0uyA7dOqm
date: Tue, 20 Sep 2022 12:43:01 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0C66 0
232 B 97ms
38ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JTrWYmFaw7P_Tsm-FOh7VAZpF2oJy0Q5PBli4CHN69Vnh-axi9Lz8l_Om0nge92aNEedGTBQ

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7FFA 15 KB
6 KB 21ms
20ms Document
text/html 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=33247
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:01 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 20 Sep 2022 21:57:08 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

POST
H2 200 events Show response
khn.crowdad.io/ 0
104 B 52ms
40ms XHR
text/plain 54.72.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/events
Requested by: Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.99.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-99-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Tue, 20 Sep 2022 12:43:01 GMT
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 events
khn.crowdad.io/ Frame 0
0 40ms
39ms Preflight 54.72.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.99.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-99-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.walla.co.il
content-length: 0
date: Tue, 20 Sep 2022 12:43:01 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame F8D8 2 KB
1 KB 96ms
25ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym1VAAGiOsIu-G3AAiO0IS-J6x7zJHNSTCB_w&u=%7CTWikUgAWzVjCJw6y44bEzy7TGaiZ0MOUsdZBqgkQTlo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gau617uSy9WvduFV_Sv0yVFoC-gBJblvvbiBJAJA9x09lGrEANNZlP7SqOqVCevq2j5SpejYl1PP6UWz_-x93X-kKub9XOC87Vp7g517GeuOyxi5wJs3heEg3W3qL5T5J_1tkrSZRpUjaEp6Y0oRTHOnXQkQzOCLQgSEvWg1uk-kS7Mv4X82FkVJYAN-TXQwh1MCbqgbqYEzhZdUAJ5aJ8MXuEwE6RB1laaeWTW_AUY0WQH9_T6VTFgqiLp-Lskuwz8aHRAcM0xyfpY3GV0zo0m1nw6jRc7KgXRc4XN6JOLy_fcEfYzV1eqfUcPxXAW3pJ4IKEvcAZfnnSGnCtViy-XF5Kyp694gBvmUXDcLN5CmyRI21aKFp96DuiNdX2h1vDQmka59H9VcOtV6clv8drH8YV5YFB3q-IcG-ZdUXrQoqvgcsceb2S4S7vERQxzzht3jIf5eH3l9Od9M0dhayqpak1aSvX1OmZkADrhZ5Q_pGFMb3ZUlqlo_vBQ7ZCq-hJOJ5-v0H3nl4Oe_x5d1iXfKIe-IYe-paE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzhFDVLUpY-uRGrfD7_UP0J2ioAXJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE7AFP0PnQHR-EpJDCWwQcTeQsB0wcCHEUs0ARHkTnKFc1otbGsKO5KU_un8EGC-bLgt7P8LlKgxZDBbRRWx0tZ2A_QjSq_L4jmsHGJPswFOR8HJGq4VPYr3ObpWuh6stvwMkukUbEmGMari6CwMjdUjGYwETbhieb3qG5DF2oDd3iQw6vMZ93El9HCecdUkBDVCQ8yE5oHU88EHecn8J-nZ_b9Y_IUAbqSUpBljGhOSr5LfF5-JSDZipGO98skHXt_y-fSK0hJKEHNd3v0_qyL6L0Rgh1564Wbwske1klRXjvJoTZLZ-ocxf1LcI7OuAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MZxIohARBKCvyDfeHLk6PKubTRg%26client%3Dca-pub-4491659496372172%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame F8D8 2 KB
1 KB 103ms
32ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame F8D8 308 B
636 B 49ms
26ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame F8D8 293 B
622 B 45ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame F8D8 43 B
348 B 303ms
15ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=J6P5KqakDsbZ4BraU9MWJoTlYqBCnQ2ycayU62-5av53FXvdmAWp8zxfwDjPn6VWfK3rGuWdSjJUYlDAw8e5wTumyKYe0vwuRQQhuTEZqOvqYELtO-HL82Kd12gwIP0NeAOGQDdNPIX0ZExR0UXprYBYMyPQYXjEpRlUzX27tOPrvXvnVSru5yaGz7yByGEMOEkuR1sE8sQAgcnUsfdloMORi_NIc7_ttu5cmxT4-MfACjC3cNO578HFbnti67vC50zRom3uC_8_cRWTdhNvtCnw7KluULEdgRVJAY4ApaJApwyK-R212v7OcNPUDKGyy_xyA9cnn3wUL3NlgwNJ7WPvz8mR-3y3PBYXQ0UOKZs7lnR9hTYk6Ox8m6eJC1elKF27_wCeNtqfadViLfK9I_R1ZpNqI3AB2Zu08c0AtNg3wXuP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:00 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1769592
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame F8D8 44 B
753 B 389ms
102ms Image
image/gif 2600:9000:2250:2e00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1663677780
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym1VAAGiOsIu-G3AAiO0IS-J6x7zJHNSTCB_w&u=%7CTWikUgAWzVjCJw6y44bEzy7TGaiZ0MOUsdZBqgkQTlo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtHRo7W7jK_gau617uSy9WvduFV_Sv0yVFoC-gBJblvvbiBJAJA9x09lGrEANNZlP7SqOqVCevq2j5SpejYl1PP6UWz_-x93X-kKub9XOC87Vp7g517GeuOyxi5wJs3heEg3W3qL5T5J_1tkrSZRpUjaEp6Y0oRTHOnXQkQzOCLQgSEvWg1uk-kS7Mv4X82FkVJYAN-TXQwh1MCbqgbqYEzhZdUAJ5aJ8MXuEwE6RB1laaeWTW_AUY0WQH9_T6VTFgqiLp-Lskuwz8aHRAcM0xyfpY3GV0zo0m1nw6jRc7KgXRc4XN6JOLy_fcEfYzV1eqfUcPxXAW3pJ4IKEvcAZfnnSGnCtViy-XF5Kyp694gBvmUXDcLN5CmyRI21aKFp96DuiNdX2h1vDQmka59H9VcOtV6clv8drH8YV5YFB3q-IcG-ZdUXrQoqvgcsceb2S4S7vERQxzzht3jIf5eH3l9Od9M0dhayqpak1aSvX1OmZkADrhZ5Q_pGFMb3ZUlqlo_vBQ7ZCq-hJOJ5-v0H3nl4Oe_x5d1iXfKIe-IYe-paE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzhFDVLUpY-uRGrfD7_UP0J2ioAXJntKxXNWdkfdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQIZDJvnBtOwPuACAKgDAaoE7AFP0PnQHR-EpJDCWwQcTeQsB0wcCHEUs0ARHkTnKFc1otbGsKO5KU_un8EGC-bLgt7P8LlKgxZDBbRRWx0tZ2A_QjSq_L4jmsHGJPswFOR8HJGq4VPYr3ObpWuh6stvwMkukUbEmGMari6CwMjdUjGYwETbhieb3qG5DF2oDd3iQw6vMZ93El9HCecdUkBDVCQ8yE5oHU88EHecn8J-nZ_b9Y_IUAbqSUpBljGhOSr5LfF5-JSDZipGO98skHXt_y-fSK0hJKEHNd3v0_qyL6L0Rgh1564Wbwske1klRXjvJoTZLZ-ocxf1LcI7OuAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3MZxIohARBKCvyDfeHLk6PKubTRg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
via: 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: qiU1Ab8BNtH0zVJlKpc3F-cIMxWxRMCqBZ_TVcTtO0AAdH5ZI3wHWg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

Yym1VcH8vwiFSBs-qsoP7wAA%261211 Show response
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame B155
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yym1VcH8vwiFSBs-qsoP7wAA%261211

0
702 B

49ms
48ms

Document
text/html

104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yym1VcH8vwiFSBs-qsoP7wAA%261211
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 74daa4f6c9eb9225-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:01 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 74daa4f52a4c9bd6-FRA
content-length: 0
date: Tue, 20 Sep 2022 12:43:01 GMT
expires: 0
location: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yym1VcH8vwiFSBs-qsoP7wAA%261211
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuV5uWjF9Dmr8H8rPjUYRbtxWkxiM%2BbeBRg1FuYoQyq8iVIr9UJkrbCKf1cIWipku93AXNusqW9IkrfdbJMtnximhynL4EKhX35nnBHc3%2BcVAthrpOK16SZoOj7Sdf68WOlkCoZENIkmMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame D65F 0
0 100ms
38ms Document
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 74daa4f53a1e9b40-FRA
date: Tue, 20 Sep 2022 12:43:01 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D40D 2 KB
1 KB 95ms
35ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym1VAAGiOwIu-G3AAiO0MnMWwAb_ayToQZ-iQ&u=%7CTWikUgAWzVjFcrtgHufdRHdJRZ3AeOVKyQhO0IFcAmY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANTdjJFUnbHmDD4JrKCRuByX4xBS6ln5kM-X0LPZn_TEoRJnK1ikCXt7ZgHH_FsKuTBNpt7UKi8fjyuZz4WqTWO-7wBY-ytvH4ZkelGhe1phVNrKEolYodGgi6V7Coc4zdaUjhYbO58XZEIGHWePNBtNTvcgouhwWOlQK0OdYE8vGuQg0Rgt_CtQhNFoIxhd_DWtc6i_scW79o_HgaE-TvA6O9PB0kvzQAbKBTS9ABvbgZSkGuqhXYdDWySJVf9urfcJ0wC2ba43vrRwxPJKRhRDaNa_2SGpZ3OxsV48F6tnVjbkApwZSXD2th6ryGZq395DJjb5W40TB1DoSuL-NSy9RgB_txke00zzf-wWcfAe8POi3os3z-sTE-_n5Ir8xMgcnM-RuYTZ8Ub60c4ZCdBIW_HdESQOWZECWAwuunN-JN2qohsQFGgepGyo2FsGmsTp-zXW1mE_5BBSRQXr2-U1xlIAcUE70BcrPTwT2dt1WiNkYF34eSOPhe2NORZGPCIxmT_wGtfQAl30KkVJIt-kpACBtEgBYjEkdcNlFvGrTlgqpALh0yTc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgGv8VLUpY-yRGrfD7_UP0J2ioAXJntKxXM3x4t2IAcCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyoAHVttLqA8gBCakCGQyb5wbTsD7gAgCoAwGqBPMBT9CHLWEIDxWyR8fkwXi1D2NtYKadmUM26amwIYYnUhaP2PSNB4gFW2-YuSXIQpbv9Ab2kdtQhH247I5PJeQcuIGlY_9Ac3nLxjO6JJ1daWRD0aEn0CwbYelgM6omjmyIZzB2dU5fKvGsNMjoLtiqAaaKFDwP0wOcpRx30xbWIYIWQDsNMoJovMJ9DUDIFpNwhG267clJs9hoFkAbVZn-8CasYDc5dglxRBq5-e5HGbZUjip0kdoYzpGeALWXUuxAag7Ex0giojefffgvBuSZsBMSaAIll17-wIHWPUVyVFmVjwwWsmOcPCBUE1RCt4RS3dG44AQBgAbW2ZmMt-2TjJYBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Mk3SpW7Ay3IrxEUaIZ_57kz0gsg%26client%3Dca-pub-4491659496372172%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D40D 2 KB
1 KB 96ms
36ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D40D 308 B
636 B 48ms
30ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D40D 293 B
621 B 50ms
34ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame D40D 43 B
347 B 300ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=pSXiJsASRFKSLv7NF1Lp5sr9R_ozYF3Vvr2gkRrMrfoqE4fiXe1FIk1A4bh_to6LEr7tmZRIir6CPhNB__FHaMNSCQ887_CRTufQE5ui1y_hW4AwtgPg2hNdip4lJqCt7Pwi3cUCU2nRlYXkipSusccngnjaY_XfXIc6rFRPWo5hh9nMuFXIXraFNrqupkJHFfwcfVX8cnbPMicyiGQ9nR6S5CaHn6BbEt3gL5MuSqNK1IB_wGsh9m6yAugV8BpIybq5UELsh1wJIxEwp_Qil0qRYTTUGHe7CRA2Mfscqz48f_sPxUTJJlXTnSpZkYJbPtDXS6MRHnb46dvXOYjeOZYym6C7cnYW38zDirWJWCdLaLrQYu-UxWc6ELQkpRdZsjTaZO4hDyLCwCwjVT11b3wsYfuVicov76dlaf142Inhsnw4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3647411
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F942 624 B
297 B 71ms
51ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNzxhNMBMAE&v=APEucNXU-3eoYyzricyJ-F3znqoyaU8fjZPC3QmibdM-tyMlYdoUhTQsScA98EGPJYOhwN9KmVU_JR_S4lXCnTBBnApvkpkKMGiGT0xts5y1b9xQSEZ34v7PQiex-1VfPB3ldK0fU9JZQRYgH4ZAB258gt5yZZEpL-mr7AoB1XOm85DASlszXu4

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 28CC 94 KB
36 KB 103ms
64ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvRbk96APGI3o6HwYzcbDdR8BJtb_F1Pf3PuxfszX8ih5Wt1guQ3YSJuZhBRmjWliXRdIo5lcYfQGmaBlsYjW4r0qO5Lqkn0wz8apKrO0TXiNJvh2mQaNUUgLy-_ckKDiBWgBMsWy0e0mBsbM60dfCbuAKwg&dbm_d=AKAmf-AT7I7syU7FHHPw8N7a7UvcXgeeOHorKrkLne7d1UBKp6rIbK2AU9avRv_oAMrVrIh-xtdTa2NFBuPn8BSmvVHPE6qf_NdtzC4kfChXeG-5zhp3SYbz7dz84SOt1GDrhPadR2dThUnpAhlx2URXAjZARudCj-Y4BEI1RI5eFTMqsd1rV2x0iQeQZ8FMxit1DM7bxvT9FwQwQSR8-eNc8fu-EIV0_s-H-bjvPtcscIs8ByH2Atj59twIrSNwUyC98jeqy0Ek7vcQoqqWd_H93EsKzpGoXK-Sc6JX7YaRDI4-pJTxr8ZnycX_BEszu_D2oYUzFGMNGAQqeyP2fp2BlRrDvORj12G67tLfW58xQhu_ccfcEFU9KaVEsRgP6CDpcoZA0p06z4Ioynzibc8GIYhkCPDnc5KqAbTiOan9w-9zh_6hsPEI0cr4QzOhItAMk4bgmgOjglcflg8MTwBD3In4nfT5YywFeD86c1T5K2HPn0TIrClPRCsdTwalRuglNzMcpMWcJMrsy_QMFEkpYSrzVC79CosIaeEH4i521YxHS5Qat4XzZSTQqgiiQYK87H35oq9hrIRl2sOaAM-Ly0kRiFITtAXZMDX9tDMwMZOf2K5M4i_2KrMDwL6EbeSnoL_15d44lbdEmomdWU7Ehz8ZvNv1aHMhUErP6Lx3e4Hyj1uxctV20dnKzABIwZI5aHWsLLgRGMsIliNDxoseJdg9n7r_1ffc69wtsbk67CH-ZgL-PCXMwXqXBFO5WI_5ohLP4cyRG2cBYs51loLzF0gVc3VAvvl5eb7DETbfaqrtRhs1qTPFU-N8Gf3z2CCKFwJUx5r_R4IJCIPw0VDuHISs651L_mxLWEnIaZ2yBKDdm9fFYEKD5E0dEWSn9FwQUas4s9_-HGFHp78WmaagIFKnDhE_zvTQtcV41JEzsyxcNpkv0ra9U4lE-gFpvO2bUmj8ohrOjq7nClqUm0NkBLQjedbsDuSrQ4cVJo0E8K2pS4Az0SJMO5NcgS2qbGK3SvNaW6bb0C9vmVTr1GSXOjb0pKwOcnNP87UCco_TMJzgiqfzW7vVxlCVFc0MfASojCUxffpl4plz6LhyEyaOVqf24VqUCOUhgLeLBFzO1mm3VGuHbg6gLCFtjuzrVyjL_tWf8HiVcKCEKPASHnCiNQehx7azHWMhGxHCTX_JTebWUU92To8Vi6AQjYwbaEHNEBy_kq8ZftqjdJnxMQeRFyBwc0rcsZf0pKiVKSTf4wiKh-2GZerZC5CrUkHugqWBzrSFsfpYO9gCl7a59nwznMUxzoG2AsSn9oKuARhNrcby3EkApXxZqflSXF5ZDSetoCbfatFWWue1xQ-PQMH948GwXy2U5kaC5z2SqZmjP1uvxHJBqEoxyPfJeTcxXTBqMSujURdmnwvUdeG-ZiI5N2OlCoGvSj60MPfpumunaEi2qLtIcTiTs62Rqsb-1Sw3ZXByLjWwcRYmz6dQ_cRK6cKeel6W7EfY_GqXHsdUzCogcql4B_xKxBQ1cy579a4oDAgDhUGBRLtOHj2uICNBn1QtdCeiSzsUJypursLCO1xqe1cytDAF_AWFC_Oerj875jNmcr9BhUyncOZaCaHIqDG1gAtPuE3a7Adjy9XD2xnTN4FEAOML342x49g_2WZCr1KxXLz4Bc-lwBYlLDESf1YwIa2aWc2_c8y47dp60RosDZrhAK1QTsBrRoqwsYTzIuHQWPXYHWYXOsBle4jVZ_QReDQbp-Lib-Wda_l19yf05gumiZJvHfgN8jQMks23cCnNz3zYQ8O0_eKMy7pcdNHlCZiFEq5zHQ21RPxEJfYWi0bJ1eIiFB7cAHb6RIFAmgc_oKrkgmhADx7c2Ozht94ayCzFdKh_y5KRk4C6Cx6br_mY6BhDy7aLxdmEj7qFGaA8My9ypq4dQHwWd2r6C61kLX69BmgrVkuJjMbEHTegmjuUgv5TlHT7FKjFaFq8rVksmTefES7pUZpKb2MLqdtzRmy1jbZhRnwg3sYppph8_LlYS10NHhSKyUh9gkbv-ljGpL1MkOPHWaqUYPTULl03C2LOIZzzWpVRgt-RGtf1X5ygVp5odRnEqdLNNgURjC7ZSNVAe814yue8GCdrbdZtDeG1iQNjESR0lEQafCacFImb5_H7UBAF8f916YmwsZcnFbaIPwPCAroHb13XlZwKCuI10anpPxQUnRCsDGPSSv0R-j1DyZhwswlSG46M14EXWvxh9LO-QyPn49ZVJFjrysthS4P-NxYcdGToycIjjQSBkms4-rzLBOPe-iD5xWqudCcGGv5Qg_xVGuuwGurEVx-uhQ3Efx8fVz_GWNyDRwDBmabx1AuTmNOiWaxnXWTCym3NmVanL4FQEYrtnyC1Y03gaaWoJXbv4ZpSOYDPZpV2ubqkVJdkJluiqAilfgQy38P8jNYeUM8vIizqdPkUBFuWaY0ToaNTX2mglbw4W0xESrkyT0rA9g2fQ6JDNE6qTlucCAxnytAR5ENe_oPEwYBoYiWz7KtAwub0VVMpwchPhmOI8_OxDUGX8LSi4KaTd78j4vHMbWUb55bv2RGb5fk6gnErKm1Mgz0bZMF3QE5MsA3TxFqt0Oh2WCPC9-vucKNOUuLnZuDU0knU0QCNsj0BALTY7-FJkI-O7weyO_WgIBqMO3GSOTtTryumMcY3w9HZQzZIITyNPfUYLZkf3D3mwtSExs39vNTFJkgViaY2nnoCph-cEVyk528Scc0GFKM9_WKcWi4BOk6jdTqbxBsNQ14o4jOP1GxavBvdkARLzwqHNlqQMMaPCfjKpLtBek6P3Fnk-WAHL_7QRcleq62vzeW-S5syEj_cJnxgvIYsuyk2HIiRJRvpAyamsNowIUqT8-8xOSz0348J0GXy9MR3n0gLjHrKtf8KV23uBDNIBcOwB_JCJ3ZbkFJnbSAqejZc4Wgnrv9zWB-6pGeF_AFF4qbdBBuJKOMxYK8yF932z9AOyZsAD4S-y79Dheq5TlOvdm8JCG4eRVI67gSuFR9K9pjx5726RkwkcIZMvB5DCTVg1hp9cyyPm4vUU5_R-F2B9ql68hsZkv2S09AoehLFF1mYA4QtGKNpSGkq0k5qtt0&cid=CAASJeRoR4p8HyAqel5sczG_cPm5EC807KtD3DT9geAYIZbiJppvmMk&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9afe715b6deea4fcde9d31d6aabbc36742b3b2d8c3f798a0cafb2022f55255b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37047
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 28CC 42 B
63 B 85ms
46ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AXY1tDimW5kcvhuT5TIBm1zvB-iIVlyAuykuDpdkZIoHPfv1MSSFDTRLlsQ2ssHTvU-ccMZN6p9A5_hWlW2ql4WOTn1_4kJsBbVkMjBdN7oK0Ahv4

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 28CC 3 KB
1 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:31:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 28CC 17 KB
7 KB 21ms
16ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 646
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:32:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 28CC 0
0 31ms
26ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7T-2cClzWTL6TPAFdWymRFVjJAyJezu2DxBD4BQ_zh6T3JPqzIvbl270vOPqceSkcjdDebknYef_XtNeX_YXgbZ8sLg
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 28CC 140 KB
44 KB 41ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Sep 2022 12:43:01 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 49FE 181 KB
55 KB 155ms
155ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym1VAALSL8Iu-KpAAYIzp8ErF5fVBGjXZOxyw&u=%7CTWikUgAWzViqFhXS32Kw%2BBlkmgCcg5jnh1D%2BcXVOYO8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8aH-p9QRgQj1yDpp-4lJCYY3bX2YbWD_ebFCuR9E_-r0mUQ-YZIsPAnYJjJvj5hgesd7uSu91h7D6Hv-vow67WGWDvOezoYrRRJf_4ayXzIRAp8TfYNp2GbSv1ylIskZKFyb56wVGSFvrCAhnA9_BtPjuK71qPfS8YQLGlYlCgA8h2_92zbZ4HuCKkWpbUef1fiph_g963SSacyhuyjqQYs5mV1WJ5wgZZkK0dfTTpbEB4YslJmQur6rFO1M4gbaFQn5DtbQhFHerudOK-dlHoTfWSBTmrX5HxMGwZkq6aj7ug_F9j0XdP2oO0ZkQBONyH1wpkOQSPNxQuhC72RsWhgXZ2iMMxdYZTN-Yxu630BU2pjpQjsMrVEfXS4agGWfPP2-rnLtwzsY4CCHttt6r9sS8m0g_aUvDO42ZZmZ0dg4jJCo7Tjf8LNIcCbXKhDPKv66yrC8exco3WAZ7vtiGO2X1HzhB5y7pE0nUrWGZgB5O9jMVeZ5BUhl-74VSC0f-AZZaoLDRon4ooniDPJ5Lf-leKEHjupqXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3orSVLUpY7-RLanF7_UPzpGY2AXJntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQK20GMU1sqwPuACAKgDAaoE9gFP0GuWrPl9ZDk6PnfRyRgyxbhaqH6HEZ7vt56r4MnFrrOz7W1nFksm5ubt_gqDq2eyYvm-RNS6FYkHtBLFBUmkxgjW70LlRLovXWNMNC0BGH5Q4FFAZYpZLRTde1fA1ufoQzClgDEqamocIH_uq5zi3McpJo0xQL6DgxwOmjF-koEMXGmp8NjktIyxK2YXSBpBei1QP07BdmBSGQ4hdkHhnmFr3Ym-StyanpQtdALQ4i87KOyT6VcKLHpBBzYFHEkTlRTlVJ8l8q2YLkhTJFJFiLLhLtyuBXhVmQ5gy5Ih6EXTqlGKO0FxSIJTdDjE8atwOtf6s93gBAGABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0nh2Kp5GS3U2UUWDU7TCCo2nq5uQ%26client%3Dca-pub-4491659496372172%26adurl%3D

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3268b2edc171d25802f20761408d122b4c6f06a3731a589209f9d0e9139b1b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:00 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=h8jRd7BJsU4rBnsxr8iJJQbaEJky989csiPpJgcbWzjuy7snAZJy7Pg8WHUTcD73eFAWzkAytVqJcL_B-QqpTnBn-049PShZU1y4wgnpDXUOxd0yHIu93uKOuYb9dc8J1Koo7VLBjdwcp-Z1CPs9d9VJtGVNgA0mmeFSsOK22jMFq6w9nrv3WS7vrtXm-wDDcQz-d12Om2-Rou2Bvh4I7rzejVRoPw2n88iGX72oQys-Oq7P6kc4ACMq1u0"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 137458709
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 379C 3 KB
1 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:31:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CDD9 1 KB
749 B 29ms
14ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 15:31:44 GMT
etag: 48472445140208031
expires: Tue, 20 Sep 2022 15:31:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 379C 17 KB
7 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 646
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:32:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 379C 0
0 27ms
24ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT21uBVlKxHPzIWd5xfIUqpCPDuzD0L5T--JZYpNBdCOud9SVKiwlpL5--NtxApSLeeKE3L7jArtClTRCorv2FgkmKAqg
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 379C 22 KB
7 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Sep 2023 09:55:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 379C 140 KB
44 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Sep 2022 12:43:01 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C643 624 B
297 B 65ms
52ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjlkqp5MAE&v=APEucNUtZv4w6g9lutWbZPO4-AW9X5YuhltgZeRzzbn5fl9HZySHJmsJeZLJe6vvtH7VkOO5hxqwzgSMt-4Z_2C3FLFftodOU3BKQMVV5fMcRhlo5Olb5i63T8Mw7mtIJLeBEbnFudowtwTpIZTKj6iTEpMGmj0wn0FeMW2B2f_qOhLk6AC34-k

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D609 82 KB
34 KB 115ms
84ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bx3Y_y8YD5jfzCRpseo8EkR4F2XHK40fgtOVcAgjnlBonbh2u6IrZKm4X8Ag4MflxIWNpCu972YP1k3ci8RScNVV2bZBU0Svk7eUYhmgYC2yrelHvj4EdYWDQHIYl1tmE05qna9YhVLrHXsgrAeuKHi_tSTA&dbm_d=AKAmf-B68MZhcIHRT5sGIZUE-xSdcXtjJgQ0TH3M7-CmWpj9w6yHCgNCMMWMZQBC3G1Lf8NeFPODvBiNCk4xRQ3Uo5YEtZR3k75wGVEx-_suDMs72vyzggYE9LVjH8MKUG2f0UdLKpxLP6sYlaOALvTku6KgJ2VLSFbBjlP86RC2LwZq0S79dioAwJr1PqrOpXKWTqX9GuODy7l-VgG3IzEHxXffO0sn0gRj_oHqkj-2qL_ES3LSQZmvYifoM2xpmkqCPCZeet7fd4Ke_iWThZXhfFxTju4mdiPPUIihbytkT0-KZ-tqS-ueuldQ9muKZCcFcISP0764vG01ZrNHIjYfMKrOUYS8vMICUmPvSMNJ9iKB7MzfHnCrcBk13s5qJGMtJ5ZU5mew1WyJfPj0D8s5GxUzMy4X1oie0IjgrRYKOO7nLC_e1gS7Kg8kNO1m7VzrRL3jUfN7zAteHOHcokPkNgg7s8uwmb13eTuRZ3Dl2mHUTDMpASlkwo0LVbj5gQjXwtvw0GYIBosjeSNy2HhNmoASA1sVVXgGO7Dw86Vfb47fZmMamSiGBcz4AgcmzgtFcaVLpcw8IA8mYDVdMKMIHsmK5d2J0_VhQI3XCyVWm69Fiq_floVsGgfb3ZIT5lj5t5w5YUWBW9WosPKS1Wsdg3G-J0Ym3bFka5cmqqIxQHeZFVZBmDhETMwQMaY7xP9djnbaLxbnt0JZMtnnl1wH44JqFbd7qgPlnCB_fSyddY7chYMfrkkbPs1s3EDGjOZ6g9wUKJyhzZtyIze8yv_RODg2nh-rNKdkil-eulccgukkuGa_9iSatslT4wMKtCki871UH8dZx1-S3CU1z9F4GdfZOGXmpl3WTL-MM3CzyPbLIAkpSUMJMVWZL4h9hbU1zNTl_rOrwbJoUfCM1Erq1SjXN6jknUpsj-kjiOngrAge7nn554__7fFLGuwa9FZog-JSUfItC7DM9xTN59wzDDhDBdCB2nAdpFCFHnjFdX5eIxVVmA0Jd6WagvOl1WZg3alaHUB4jNjIDwJVKOiwiE1MFYzS8bOpuCSSCNu6RFG5lpI08f-5mZAbniHOAyI1kTc9DClHMRQT_dMVfTFBcWnQUWmcFi1_qYsTq3tSetVgNZgxY9oKRbBmFNHEKMjw74j6GGljXkHiFrlm1XpvtbpfMC-yL__gPsKlfVW7bmmqmg_N8cQHexxLo2tEDchqg339hdQb4w2ABkcMAJA9zFmq-Amuk_BkZFG7vq_hRCnAWdFaql2qORuJn7r7q0uIrHdjulIgb7RfRsSXSztA89lP4XIbr1LjDVxAloqh6vESIrA6iIRHPqEGquedHgAq5NxoIXIefdPkWGxRQ0nmDWYVkxrtyRIPQ2jYijks8OCmEWkIp-4q15l1EvQR2YOYcTk6u7Dsj8vOU3YohuzD4cTZr_NJd0QQzSNIRvwWEE-l6nrIQ7MRnrLjXZL5F-hpsL75kAMBP7B5zHhRzQM880s3gnudv_5Pgx8i5bLnIYKT-dFi7FQvY0_ixExOL1T_f_mqzPzjXrEcPRpEkWJQ7L6LB-MpnfURpfv2id1gjJFYx4LQZQj3em-hA1yPX1GbaDn0FR1J3gn3HgiBY3Xhi7vEyeoCwj8b2fqv1uVD979E3Gg2hgRHwCgrC1nAZE2wWU1sbPaSuc_EbiLwAeen-C0HNxQitxFsZWDTvh3psxstINFWeejkD0qMYAo4mcixXrWdmhVjsrDstjIt6GQWyoLoKjlhv6RM5OPsUYCL2MQpf1T33xMv_GbgyCtFjhUeRc-5aPpQ-JElDNy1QrAlJCuRcg2hsgztPtQqgImNii2shpEKgQhmuPJUDxuIYeyHA2JPaxxuxVd00L9tJeq3aqcIn1DUpGN1KDOlofM5PAWaOFQFWw7ee9fxNxPT4gkPJstMWwrxOBKWq_mOwXbGoXjMjgFzxHXriBLx0NRLLqPr8T1yY7L3JjjpK2QwSR0uJMl4oyGvrKzsB6m9QPosizaIVSgwAswL_RZC5R6YBMu_OWs2JfQoI3yHrcvFOrzeIOvrt7BFXtT0At0WimRTmj1AhQ_hGWWEKwjOSiACzdp9H03NlIu6Qwk-1olsH19LHVbLEdEZm7WZ7aZbftsolZo1gGItj_Udd03yk5jC4gExA6zO3fPMCYG-71XzCwKxzkPdvK9pVa-iS_12Blk8M7MGxqJUPiC6RuN0QSE_AZCeD5X52TPL5gfXaalZi_gI7AmIbXKO3hDDRyrj6FCZK1hH0pKQkD4sLgFgSikMgcoHUpo-fU7cNRq_YT6womS8UnQwF5ZmLQTLaF4WmyX-jtc9jhCF5kljQGeyt9BT4bxHNwijV80H8ZP945dxIE05rWqwr4_Okr6_OOgXeBC85EHOyP1gAEQod6lWLu5qFZcyPF0GJsMHe8vtIXktLpFNdpcSOy32cKKxvE-kTTZbLCLlzxXnMmU-byrdd9UM-fBnZcKTFm07xploCXOgFydQL8qhr2eghBnqUlWmtJQk7zr3NXgoWrWoaeUiaQme6Qo7yOcGhED3tFcKiqcQybNQ69gIX-0bIahpubUhaw7KOtiOjO8PxUEV1Os0j67hKdqOlQG5UqANv_iJanoxIc_2yVFF-TL0evF0KKoS6HCwYNlI_fdC6L4KHf3rU_qwgXZNvM8k46YiTY9--KmAaOh_WdilxjEG85KMFOsDkrGk6RnNgXqw6f-O2wqPqDE09wqzR3XzpBg1AuvrZoBAASzY_q31nZTXylqOQZ7yakw6aWJDJgUj-XnZcBN_N4j9meahGgCgxMoqoh6lwnJ5m9bXdDdV6LVb-DIF8F3kGiNxSqhITSdquH8PxOuCyro7WE8ezRaUzkIwTOpmbfJjFyYiP-RiAchKkK3t4uMC3aTj4oDyD6PBxOA87u7estjjHu9_q3FFOYyySg2RLCZ-DY7vxA2gJ6wP-6laUruLWwA6q19ApiIRsfEV5WDVHWlTYXZgfQ65Rh1TssHAg5-6mDIDko0Lv3mG8lZA6zMhzsrW3LYwkt4mrfg5ayqA-pjd9zbOXgsB5CrJ_lGEl1UAAXASWWYcqAgFidJlHxW2HPE8ZIM0mE5DOD6SktgKGayMSrbDlBbavSfnWIoofY9jiGx8Ax617uMGitziGOPGc3BHCW3r0sZjz0yqlLR4kswdLYAA5NnNrlzjVb2gzsFF767PR3qewYgFTyRaAaUOfcJUI0i3_H8M51DQXOrd54dCA2J2BZaCH98ogyJCXOR5xOOym7OBSOvyyzKbeN2Wuetyb84XmWfB7g&cid=CAASJeRouUIMDjli6WCs2GDHXclHTMOcNXNHit7wMlaHzhaWZxxClMw&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb66dba2410d5d917e9e21795d66caefb863adce13cce5145cad90146189bc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34630
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D609 42 B
63 B 78ms
47ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BHONbu9qIwEWwZb9UInlHsWSsRCcSUtcxOz392o_6_H6lyqBlqqGzca5hkYVr7T_VGl2sOr9BEvCHT_x9JtMji9D37FDrZt-zF7DWa7KcXqO9oQ-Q

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame D609 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:31:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame D609 17 KB
7 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 646
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:32:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D609 0
0 28ms
27ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCIWuoNJ62UF00TriVPu82vgjk4hm9C4SWeRi3Rq70zIHRpF0qE_UG1rzBkJb3VgXROesVMdL6FrBJaV8817TOLtVqyA
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D609 140 KB
44 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Sep 2022 12:43:01 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F8A3 624 B
297 B 63ms
51ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj73NDBATAB&v=APEucNUjFMS7JywVu2QwaERFaXohHvdcR61z8CjQulSmhwUD4YceQzBLSCK1Dm30zq8LX6BBHq_EkoTkaAggfeSq1VrU_VsVlukyWLl1rqeCIL-yFbEgtk_NpFCxFOtfjBjJfhLPmvq81pEGcYLe61gcGvXd7BmZAMoi0MFnyV8uwNmm7tJ_FPg

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9450 82 KB
34 KB 103ms
77ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DEigeEXq9HV7EFq0EApxHIxctrEmN7fyhvqxjplQMrMYi_5yV4tk-jV0IqXoRS1vBGzimiofy4WmTAqTTEFOZHLCauV0l4-xJHTAhYkDCG8YM2JQXK6o6ZuNJQo5PtlR6JMbNKLNYT983IsSCpi61eppNmNA&dbm_d=AKAmf-DFuDP4_4pN9s0Z9kKjLxL1ps2fwEKSk2qZfGLMAbv3R6s_h-oJ1v8HzW8uMcOh8NHOP_oo05VCi_g5YMjnucm_cjZKrd4W9hPLHGL-5LqjPBlL0ugjSH_SZJSrwY5RSNLfC53vH-3vX8a8XmdJCIbLoto1-M7tE7u2c9qeGx9mrzGF0yi_XFo_kcvYCAuKR-BXG0WngvwRQnJkim0VkYvJAtrwWSbhWqt08dK1jI0lE8Orh8VrgqnvJi49yDL8yo17Usa0hZcZgxdn1XH2DF-YPRzk_1Tsd-E4VTZ7TrqJdaZSUTtRfANGRZR18w-0PADAatMiQuzHlvJts5xzt-y3dEi4ANOhG1GCoHfJ5WYUAqfOTV-1nT2saK5NA1jdM08XsCmw2cK5S6CB3c7ViijMv6vTHpmFeYXVrgQoVbpdmDXANHBH5S5ACI0vQ3QDo67nLu5VmM-JD7FQYWIECfYYx2LVHiXkb0Seq7OxSRgVvRAeaSBMa0B5Ir06dd5lW6JsrHC87cXOaDYjkT8XRwnUQ2VDBC526JmARBBDuEae48GCnZy2qQrVWMCWVJSUu_xxunM3cAvDvK_XVcB2qW4PJK1RhiTJCBisOTLcxV4lHZmVUcBA_2Y5fgV80mJIxwi35HculLGXSECanKi9lrmKpoBbKdMo4TGvM1JfF7pj1uceHu-hcL6AD6wCVcCmlRKk7QiXcHuGmHM67rVog8jUbvy4APqbVtuIGBWkjwdma4Y8d9uBg8NsW_167CdTJ7XCVwKd5zvTg1dUZ3e7ui2PLZIK9Lf550fwIWrQQja1Kk3iC2f7hYvuQA0pqSus46XJtVdumrXxk0a6AQ3lFEkXKA0KyVWiDZZy0VGOcdyM1fFEDeDdXJDgKKu7-fgDiZVGB2TWXiA64XCY2BaQbHJEMq938fzEyAnvLiA8U_hPzOzX3JYluxZ-qg5CDPRNvi_JpyiNcFbiIuZd9xcwKVwLnqHTQCqA52ulom197fnnCAE7e96suXhALHQdIfLIpNZHdhzX8dMT3eu4VbbKlt-YkzP6yyxP2MLveTcnK7k7Ks6_Uq8klceaRJNkwtaOjaD6Z5lxi8-n5nj5oKjQIRR5GKMfM_qwEWvr5Uz0Otpvs89-DJbWlJ0VdMJL0TzSWyvYWaSlICXDYemQcgQpszzmm1I0G1FAiXZtJiJRcgulw1L8w2jj-yS_gMyuezWyvnS27_zEz6pT7ZyGVu8AJ2rtFUra3r_fupM9EIF7JmxoxpFhJtTsHXAiF99mwpfdmvuJulozlh-WlSjLLMQM4CWG0j7CDmUCWKulknQ50dUN40nuhqOOKBNmBk5Qb2CmHVkSRat3YGnRhdP9HFhho8_AdYFkBiuBsLNnmhHAuFH0nicnvLbhu0901W4moizxn0fJvBR0vS5do7mBmxGwQO_SMCeob65AGm3QpeIuOEnxd9L7HaiZM1QQhpAXSDb9YEv8RGmBSkxHIO9nF34fXw4EKnNGOqDGMFT2GxWloVt3FSwyCArMurDH8IZNz-_gAWTAYfExKAI8BohedqTDGc6uvZOMgf2jK6F2SuQ7rDiqe0dfQTFz94GQGJh462i8vSdygNgjfEoO1Ug_6TZyFXSqlCpwBGEkQhgGsPqwJ0C3p0Z_m8emAv1qPYP2HYOx_sNOmkO6NgMEHSRqOrkTYYZgrFWsaGIiVgo6UPcwln3q6Kgrl5wH27bpho4WdIoO4ntWHyX2-sApq3hTXbLYszdOnlUPiQduAPz9HM2nR-vJauo2okY-XhMq1v4-2V1Dxq8A-tptlWpVsgBilptovSsDELOwMy4k3L390X9aTWW4fxxfOwOZ1kCbcmCerVcaDyXLuoGITv8w0P5sEdzSEP8xC7wao-fT4S3gvpagfN8qQjOto5AMsP5gFB_Ovj30OR5s70oG0fXvN_3ZOL5Rqu4krDkbvvYueZAWAL5Fl79T7IVGFxkjI04hPYwvYhOPpzPPU8oku45T01w0QSGJ16Hsgmo-1fOnvHQghsJUiiShSUKLpRFJpNb7ct1ni3J-05Fs344UDR2LkMTbFlMjWN8v-TW4vq3-xw1ZCVqXwnU2fH5MORRLSWPxeTVYqotYT0cJ3EU1gTKRcqQH2SkVbyntYr5Z_Cs26-olTEO4mKcsvhR5VFuGNWrpxMcpaEFyv5zHLpYBVVopT7pWAwFV4F7Ygznp4QLda973VMIvcM4Igmx1YnXQDiJxXlNollBuanfJ0CAtFJxxEwnmi1bNAEbaDeVYsoijzd_lzduwDT4U_I-p8VkIzS2bIIsNYaFlwzf7hKsULxuVsYa4BCm5mNrxx9kCiF39AWUFVpvwOvF4ZhVR0aSu_nT11ZXjuK2mwXPdLIIl3Aaf9ptiedQqCLVslZYr46vjWyoe87ZGM3m0nwsznk-aSGlqfI6Qjjn3pmP63UtjlOxgCw1PGTF72ptIkzC6t99JMBkNP3b2qGHv01sw7AHHhJNfYNHGbnWqhdDGlldLoQXwadCJBR2qO28ERAZjmmjzoJBBLsFw9wqvL8Q7jVPFcXVy9zwVZa29uVtxKfC0rI6l6VrifwtBfPZAXo-9WbvBNnDnJH0MIR2BRYF-wXQ4mkJRjW8zHJ1JRq6bSSbUd5W8YQ3bY2sAfW4QEdkFjy6m-hWAL6bmo1k18aPa4VKKbdmBA9dQuZ_XNBoaXHeUK6xfygOiS0vC3wNKeOs5-I8vMXvwF1CZP3SUK68ZYZcVBX9dqf3-Bu20CW-4fAJKQ9pTHPgASRcLyr3H7wg1lPFUBWV-DIEehEN0M7IovplJCg8lmFtrkOskq5ezhYel1fgPg-j1N1w5AwnDUaDcRcbU86ZXdlDsQNWWv7M2NIwNBdAy2b5BU94LtldAl9hz5b1EKFk_h4xNgW3H2Cl3-8_VhVFtAPIObfix31DEFN2rRJZ2wgvW-_8Zc66oNxrOvz1jYkqO115U4dQQV2ovx4AYGrQFZ0XHZ2xoJjv8UgYHhjAVK20qFG6hHGQ-X_QVQcXFg5i09iRRwQw5MDv_H7vKLVYoGwPpEE_1G_XQEsZTs_uHIrFWdBubeJRQWYavc2hdfyJDwyep3q4XQa6pCX1zNUGJnisJYQ_4aXC2uLcRQ8w10vr32Xg0y9iS5TfZh6WRZoPkyyu9GubJVlHRDcTGDjIlr4Be5o8h78hHiRzcIXfdZ4Hwdr_nIlnVhLMuojcUDGOgVAtuoWLZ16J0Yt9CXPCf9kBfZ3YqgyKk1rSeg1lKfoG2EqT8dwV7QYawWNCveIi0ssu74gGCE-uWtw&cid=CAASJeRo2TWZYfNoSM-ZvEjMZBHPtXLNvSY9C3hJZacEU3d-uWSVmeU&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15be5054046154482f653c696097628fea08a5f812f09e1fd7a2de3904168572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34615
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9450 42 B
63 B 73ms
46ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AqUHAZ1Z8QXQ6EopHiVl50HWKc-_ulDAMOc-d_Ahb3qwkzurPbBx9VP-Jona1580FAWCbZUGH3-p5eyEMtjVkVMXLTtoe_dm5XJ62yxViWG3C-gag

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 9450 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:31:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 9450 17 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 646
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:32:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9450 0
0 26ms
25ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUlsU9EJiM1Fv-pWBkn0sjk9u6_MZyMFt6j1u7f2pcHii76srWVY8lZ8ZTyao_LLY5r7bs3F_5vz9bVdP0NZ-xg37tbg
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9450 140 KB
44 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Sep 2022 12:43:01 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 379C 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMxvRVLUpY7-RLanF7_UPzpGY2AXJntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQK20GMU1sqwPuACAKgDAaoE8wFP0GuWrPl9ZDk6PnfRyRgyxbhaqH6HEZ7vt56r4MnFrrOz7W1nFksm5ubt_gqDq2eyYvm-RNS6FYkHtBLFBUmkxgjW70LlRLovXWNMNC0BGH5Q4FFAZYpZLRTde1fA1ufoQzClgDEqamocIH_uq5zi3McpJo0xQL6DgxwOmjF-koEMXGmp8NjktIyxK2YXSBpBei1QP07BdmBSGQ4hdkHhnmFr3Ym-StyanpQtdALQ4i87KOyT6VcKLHpBBzYFHEkTlRTlVJ8l8q2YLkhTZlBkGjVuss8RmWz2STPGM5s14vPZhEkIj4lM7nDsahTcdAH0KWjgBAGABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=ggv-5714HKc&uach_m=[UACH]&cid=CAQSPACsnQUxjoC2ErJMOIz3JOuPOtMoaSR1NM1ygK4HHh3HBe1gb5kt3t0xf1FsxbvbZnqbrsCg_IJifywy9xgBIBM&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 379C 0
0 15ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFLr5RKwCkAOdg2ICAgAAALjck6Iuirl4UwfGnKm6Zz0QVLUpY3-rC6SEXIEo4NnpABIAAA&wp=Yym1VAALSL8Iu-KpAAYIzp8ErF5fVBGjXZOxyw&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 353678
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7FFA 0
39 B 13ms
13ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=22904471&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-length: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame F8D8 12 KB
6 KB 21ms
20ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F8D8 11 KB
11 KB 79ms
14ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=356&s=RvgLKdjxsCa071ptabsHOAat

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cdeac9e009d394737c133d4f4692a8fe3ee3c88df825af37b647e2610b9082e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28916064
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11301
expires: Mon, 21 Aug 2023 04:57:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F8D8 5 KB
5 KB 78ms
13ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoRasenBallsport-Leipzig-GmbH-112203DE-2011231618.gif%3Feb%3D1&v=3&w=400&s=nf2adO-GqH0fTKK0GZ6m24ZY&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

049197d27fc218a1fc7185322d281d1f12d8cb637cce49e815600869e12e463a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5240
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F8D8 2 KB
2 KB 78ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoFormel-D-Group-3583DE-2008190935.gif%3Feb%3D1&v=3&w=400&s=DrzYj4BBZ_BeucmSC-VkbH0_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1807912
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1672
expires: Tue, 11 Oct 2022 10:54:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F8D8 2 KB
2 KB 95ms
31ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoCollins-GmbH-Co-KG-123264DE.gif%3Feb%3D1&v=3&w=400&s=aXqxBpu2zJqlcYjFJF-DeorP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a11a8094ccb2478ac3fe14dbe80d6c43e472d89bc6797c3aca65f509ff5a33ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1778641
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1654
expires: Tue, 11 Oct 2022 02:47:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F8D8 4 KB
4 KB 96ms
32ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoGWG-Staedtische-Wohnungsgesellschaft-Munchen-mbH-179440DE-2009031123.gif%3Feb%3D1&v=3&w=400&s=wkkPbSujrL7ymfv1S1c9w8wn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cdf9d45c608ddaf1301c83f1aab1b088fbc0333e06209472d00a633de416cd1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1124
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4192
expires: Tue, 20 Sep 2022 13:01:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F8D8 2 KB
2 KB 96ms
32ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1286533
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1584
expires: Wed, 05 Oct 2022 10:05:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F8D8 3 KB
3 KB 29ms
28ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoGoogle-Germany-GmbH-284878DE-2112100939.gif%3Feb%3D1&v=3&w=400&s=aApKQiIxs5vamvb0T4w9k65l&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a1164d38f35c8d9599848239639641326905ba695401405af5e5ed66dcd5c811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2391484
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2640
expires: Tue, 18 Oct 2022 05:01:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F8D8 1 KB
1 KB 28ms
27ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FS%2Flogosup-mobile-services-GmbH-107017DE.gif%3Feb%3D1&v=3&w=400&s=PtGEoq3ZsbzrS5a7equsqTtB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a762a9a8a72f30592d8eb51021992999e9853831a7b4da13c38e7bb6fdac102d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1811550
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1036
expires: Tue, 11 Oct 2022 11:55:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F8D8 2 KB
2 KB 29ms
28ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FM%2FlogoMichael-Page-48681DE.gif%3Feb%3D1&v=3&w=400&s=AD9T3buEinIxF5Y0-yTgwI-A&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

39a977ca421acde9875574f55b075f935825ab845687cef86941ee6ef9d10456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1856
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F8D8 1 KB
1 KB 30ms
29ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FR%2FlogoReflex-Verlag-GmbH-DE.gif%3Feb%3D1&v=3&w=400&s=zLwiflfp-yFir_QVaiN5kNsH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d0fb5fc3a8ae8199cbf7d9b464d107f9613805f027d5cb030c4c2ad45cc9d38f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1698242
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1146
expires: Mon, 10 Oct 2022 04:27:03 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F8D8 824 B
1 KB 31ms
30ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2Flogoforsa-GmbH-106079DE.gif%3Feb%3D1&v=3&w=400&s=SWE6M4UNbOZ85LqWAXorsR09&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

99db7c45413b65d885b0ed8ee9b5adcb77066510eeb758cf53c6fdd1f07c0eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1970943
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 824
expires: Thu, 13 Oct 2022 08:12:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame F8D8 1 KB
1 KB 29ms
29ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FJ%2FlogoJS_Deutschland_GmbH_24984DE.gif%3Feb%3D1&v=3&w=400&s=t5TW_8UYa2eFuuuPo_Q7nmQe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2101100
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1100
expires: Fri, 14 Oct 2022 20:21:21 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F8D8 0
128 B 80ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=3tfl57BJsU4rBnsx-g7GHTn6CXsF8jFbZXkhaV9dcNy44GfRoerIANOa2MgYSr93Qj_laYqLa4k6Dg9pUGK9RggaBrza8J5zDeqVxC0Mde-08E_VPRUMP-9_bQezX_aF73npX-0JV4DqC7GNnTUgf3PmjFS1CRRdn3p3YBS8kmhH2cSpWKPX41VYQ0DFdGvNzniXxnZV-HNE65Xxk_Z8oaTfBiRikpMujEqddWfVIYZd2tz2OhKSh_MJga5XfQPWgr3tkg&sds=2&rev=82759&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 20 Sep 2022 12:43:01 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F8D8 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame F8D8 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D40D 12 KB
5 KB 78ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2316124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSz%2Fm%2F%2FgYOfj3FlmmX%2BMDsK00qNkv3lb2UIT%2B7G3YIZFSeBUZ4s5BnX87FHPqDK8Z4mh67ZtIjTnEO460KJdXCSUqlRlmD%2Fausq9Ke6fV%2FO2jZoN%2Fk2dF5n0D%2FMDLn6A83hfAS7kb7zqr3NVMMWKST7K"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74daa4f6dcaa9b77-FRA
expires: Sun, 10 Sep 2023 12:43:01 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D40D 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D40D 41 KB
41 KB 30ms
27ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=128&m=0&partner=9239&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F9239%2F170803%2F30e4849c5d614685904990e5b965229b_stabilo.png&v=3&w=596&s=DiBbXmtEzQVOdPpsWrtrBx4K

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1dd3a32156629192a4dded4809fc5d293178e7aebaf56e5ab49429fa2e4843fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28726800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 41988
expires: Sat, 19 Aug 2023 00:23:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D40D 3 KB
3 KB 49ms
46ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9239&q=80&r=0&u=https%3A%2F%2Fcdn02.plentymarkets.com%2Fbl8cypz80juz%2Fitem%2Fimages%2F925064%2Ffull%2Fprima-terra-Feuerstelle-Kocheinsatz-Calido-3003326.jpg&v=3&w=400&s=MKUZNMEsE3hLoyNG0AiQRmrl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

361e0473b973b9b2a0e097b615145be89559ecbaaea651f92603df20b170693b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=9770825
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2788
expires: Wed, 11 Jan 2023 14:50:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D40D 11 KB
11 KB 39ms
36ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9239&q=80&r=0&u=https%3A%2F%2Fcdn02.plentymarkets.com%2Fbl8cypz80juz%2Fitem%2Fimages%2F921533%2Ffull%2FHundehuette---Hundehaus-Rocky-111x96x94-cm-Holz.jpg&v=3&w=400&s=CI5iMIMANQV8es7dbDIV3Xdm&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

751512901e0579b0348e9809c27187ba09999e0e09c5a079f6b146164322a8e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=10342627
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10858
expires: Wed, 18 Jan 2023 05:40:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D40D 23 KB
23 KB 41ms
39ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9239&q=80&r=0&u=https%3A%2F%2Fcdn02.plentymarkets.com%2Fbl8cypz80juz%2Fitem%2Fimages%2F925730%2Ffull%2FGartentonne--Gartensack--Laubsack-Pop-Up-120-Liter--Gartenabfallsack--Gartenabfall-Schnittgut-Sack--Gartentasche-14937-925730.jpg&v=3&w=400&s=S4FPu4hffr37mLJLX8giUCv0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1a8d1a88faea7461f530758dd1ae3808d07241325a074bc518c1617daea4c883

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=8241017
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 23190
expires: Sat, 24 Dec 2022 21:53:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D40D 5 KB
5 KB 49ms
47ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9239&q=80&r=0&u=https%3A%2F%2Fcdn02.plentymarkets.com%2Fbl8cypz80juz%2Fitem%2Fimages%2F925862%2Ffull%2FWassereimer--Eimer-10-Liter-weiss-emailliert--Putzeimer-mit-Holzgriffhenkel--Alltagseimer--Blumeneimer--Kartoffeleimer--Pferdeeimer--Dekoeimer-15147-925862.jpg&v=3&w=400&s=p-laAIVSZ8bEFJr4OaNxs1tN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

0241bd5dbdad179fabfb2c31f9e92f69a6775fa10bce39b184d2e74fb0daf343

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=8956583
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4852
expires: Mon, 02 Jan 2023 04:39:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D40D 6 KB
7 KB 47ms
46ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9239&q=80&r=0&u=https%3A%2F%2Fcdn02.plentymarkets.com%2Fbl8cypz80juz%2Fitem%2Fimages%2F925850%2Ffull%2FSchneefanggitterstuetze-Stuetzen-fuer-das-Schneefanggitter-zum-Einhaengen-Schneefang-schwarz--RAL-9005--770030-925850.jpg&v=3&w=400&s=cUKuK_nL9ZWzm3Cmva3BMy0a&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f97735de94870f7303d7b7426767532e43eb8ff02e0ae889f4284c2851793877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=8416421
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6428
expires: Mon, 26 Dec 2022 22:36:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D40D 2 KB
3 KB 46ms
44ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9239&q=80&r=0&u=https%3A%2F%2Fcdn02.plentymarkets.com%2Fbl8cypz80juz%2Fitem%2Fimages%2F924197%2Ffull%2FADB-Ecktisch-rechts-B200xT80-B120xT80cm-H75cm-RAL7035.jpg&v=3&w=400&s=wHrrd13cwqXCaPngRnA7fbvH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

57d203bc18131c6123d2e2b3bf97c30e376255284bd161c99121349592530be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=9685335
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2382
expires: Tue, 10 Jan 2023 15:05:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D40D 3 KB
3 KB 47ms
45ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

85220b1da94808efd83eda0092bf4063615a22c8a2877270725a0391d35d79cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=8524894
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3226
expires: Wed, 28 Dec 2022 04:44:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D40D 20 KB
20 KB 49ms
48ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9239&q=80&r=0&u=https%3A%2F%2Fcdn02.plentymarkets.com%2Fbl8cypz80juz%2Fitem%2Fimages%2F925454%2Ffull%2FWD-40-Kontaktspray-6er-Set-je-300ml-Vielzweckspray-Multifunktionsoel-Universaloel-Schmiermittel-Rostloeser-21277x6-925454.jpg&v=3&w=400&s=RGW6XuPI2_pIlFR9C1mlo9Yj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

536c9f6e11feee4df033fa8154bfb495fb1d89552c391f6f1075d894bcae4211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=8019387
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 20186
expires: Thu, 22 Dec 2022 08:19:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D40D 4 KB
4 KB 48ms
47ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

da7c07650ba846a57899018b088e40643d3abfe04e35491533afb489ccf90fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:00 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=9826599
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4186
expires: Thu, 12 Jan 2023 06:19:41 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D40D 0
127 B 14ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=GwwbXbBJsU4rBnsxCBCtbf4Sw0g2kZ66hxMbOkQkb_8DRaNoXXOykYGxr8_IQ9lRB5HPcOWb8aBAKcec4tzg-vUbZ_pICmegWMhfEoK0UfHHLUehyW7wUFQPt_Gc-37-6UtYhT7huMONt3sUtQSCdJk5XZ17WwMSA2SRb9isv_qOZ3R_wfzUAMzf8q3sc2CWn5OKjXZUmi6O-nZUz--cszrSGSC2PdALXB_xtRGn3bsSTF7_XQTWewagh_-vQkpDLEnwgg&sds=2&rev=82759&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 20 Sep 2022 12:43:00 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D40D 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D40D 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F942
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1

43 B
333 B

36ms
36ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNzxhNMBMAE&v=APEucNXU-3eoYyzricyJ-F3znqoyaU8fjZPC3QmibdM-tyMlYdoUhTQsScA98EGPJYOhwN9KmVU_JR_S4lXCnTBBnApvkpkKMGiGT0xts5y1b9xQSEZ34v7PQiex-1VfPB3ldK0fU9JZQRYgH4ZAB258gt5yZZEpL-mr7AoB1XOm85DASlszXu4
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74daa4f83dd69265-FRA
pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrfLGd%2B06K4tadKwsWF0XTg6XrGD%2FyjsAd5bJw7xCA7p71LKvt9H7%2F5JheF9YcpOQ7baU%2Be%2BdgyyL626lShWeTkzgmknYt1xpXXHD%2BuXudLvRf9K9gGt4ryz9kFoKXneuxUgML%2B%2FVheC2w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F942
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yym1VcH8vwiFSBs-qsoP7wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1

43 B
839 B

94ms
77ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNzxhNMBMAE&v=APEucNXU-3eoYyzricyJ-F3znqoyaU8fjZPC3QmibdM-tyMlYdoUhTQsScA98EGPJYOhwN9KmVU_JR_S4lXCnTBBnApvkpkKMGiGT0xts5y1b9xQSEZ34v7PQiex-1VfPB3ldK0fU9JZQRYgH4ZAB258gt5yZZEpL-mr7AoB1XOm85DASlszXu4
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74daa4f91d536987-FRA
pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xrpVzqgrmlFhOXiRUuSHOK1ysMazdnEu4H7rVwyDvtgTxj0MCn41pNJMuVD5TRsf6drM2Djr1n9pkznjDTCDSQcX9gmBCu7TiCQRUpEY%2FZKJpQem11erlgjzFM5B2yEa7HkxiO1u41EKw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F942
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxTKdVPV9b6V1WWaLKAZQ&google_cver=1

43 B
1 KB

13ms
13ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxTKdVPV9b6V1WWaLKAZQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNzxhNMBMAE&v=APEucNXU-3eoYyzricyJ-F3znqoyaU8fjZPC3QmibdM-tyMlYdoUhTQsScA98EGPJYOhwN9KmVU_JR_S4lXCnTBBnApvkpkKMGiGT0xts5y1b9xQSEZ34v7PQiex-1VfPB3ldK0fU9JZQRYgH4ZAB258gt5yZZEpL-mr7AoB1XOm85DASlszXu4

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:01 GMT
X-Proxy-Origin: 37.58.58.250; 37.58.58.250; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e0d94003-081d-4ae1-9608-1a84fc2e3f8e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxTKdVPV9b6V1WWaLKAZQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F942
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MDM5ODE5ODg4Njg3OTc2

170 B
188 B

27ms
26ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MDM5ODE5ODg4Njg3OTc2

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:01 GMT
X-Proxy-Origin: 37.58.58.250; 37.58.58.250; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e938251d-b185-4185-a64f-c191e9953064
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MDM5ODE5ODg4Njg3OTc2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1171009/65650039/ Frame 28CC 236 KB
71 KB 127ms
34ms Script
application/javascript 52.48.14.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1171009/65650039/skeleton.js?ias_dspID=3&ias_campId=1008929676&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=18252516133&bidurl=https://www.walla.co.il/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gwGLY1ALN4EfwHA5jCcLgR
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.14.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-14-237.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5d428646b1f95215bfe283bc7f5adcfb78ea8313c98327d39d2ad7f125a7653c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 28CC 106 KB
37 KB 114ms
53ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Origin: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 15:22:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/ Frame 28CC 8 KB
3 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvRbk96APGI3o6HwYzcbDdR8BJtb_F1Pf3PuxfszX8ih5Wt1guQ3YSJuZhBRmjWliXRdIo5lcYfQGmaBlsYjW4r0qO5Lqkn0wz8apKrO0TXiNJvh2mQaNUUgLy-_ckKDiBWgBMsWy0e0mBsbM60dfCbuAKwg&dbm_d=AKAmf-AT7I7syU7FHHPw8N7a7UvcXgeeOHorKrkLne7d1UBKp6rIbK2AU9avRv_oAMrVrIh-xtdTa2NFBuPn8BSmvVHPE6qf_NdtzC4kfChXeG-5zhp3SYbz7dz84SOt1GDrhPadR2dThUnpAhlx2URXAjZARudCj-Y4BEI1RI5eFTMqsd1rV2x0iQeQZ8FMxit1DM7bxvT9FwQwQSR8-eNc8fu-EIV0_s-H-bjvPtcscIs8ByH2Atj59twIrSNwUyC98jeqy0Ek7vcQoqqWd_H93EsKzpGoXK-Sc6JX7YaRDI4-pJTxr8ZnycX_BEszu_D2oYUzFGMNGAQqeyP2fp2BlRrDvORj12G67tLfW58xQhu_ccfcEFU9KaVEsRgP6CDpcoZA0p06z4Ioynzibc8GIYhkCPDnc5KqAbTiOan9w-9zh_6hsPEI0cr4QzOhItAMk4bgmgOjglcflg8MTwBD3In4nfT5YywFeD86c1T5K2HPn0TIrClPRCsdTwalRuglNzMcpMWcJMrsy_QMFEkpYSrzVC79CosIaeEH4i521YxHS5Qat4XzZSTQqgiiQYK87H35oq9hrIRl2sOaAM-Ly0kRiFITtAXZMDX9tDMwMZOf2K5M4i_2KrMDwL6EbeSnoL_15d44lbdEmomdWU7Ehz8ZvNv1aHMhUErP6Lx3e4Hyj1uxctV20dnKzABIwZI5aHWsLLgRGMsIliNDxoseJdg9n7r_1ffc69wtsbk67CH-ZgL-PCXMwXqXBFO5WI_5ohLP4cyRG2cBYs51loLzF0gVc3VAvvl5eb7DETbfaqrtRhs1qTPFU-N8Gf3z2CCKFwJUx5r_R4IJCIPw0VDuHISs651L_mxLWEnIaZ2yBKDdm9fFYEKD5E0dEWSn9FwQUas4s9_-HGFHp78WmaagIFKnDhE_zvTQtcV41JEzsyxcNpkv0ra9U4lE-gFpvO2bUmj8ohrOjq7nClqUm0NkBLQjedbsDuSrQ4cVJo0E8K2pS4Az0SJMO5NcgS2qbGK3SvNaW6bb0C9vmVTr1GSXOjb0pKwOcnNP87UCco_TMJzgiqfzW7vVxlCVFc0MfASojCUxffpl4plz6LhyEyaOVqf24VqUCOUhgLeLBFzO1mm3VGuHbg6gLCFtjuzrVyjL_tWf8HiVcKCEKPASHnCiNQehx7azHWMhGxHCTX_JTebWUU92To8Vi6AQjYwbaEHNEBy_kq8ZftqjdJnxMQeRFyBwc0rcsZf0pKiVKSTf4wiKh-2GZerZC5CrUkHugqWBzrSFsfpYO9gCl7a59nwznMUxzoG2AsSn9oKuARhNrcby3EkApXxZqflSXF5ZDSetoCbfatFWWue1xQ-PQMH948GwXy2U5kaC5z2SqZmjP1uvxHJBqEoxyPfJeTcxXTBqMSujURdmnwvUdeG-ZiI5N2OlCoGvSj60MPfpumunaEi2qLtIcTiTs62Rqsb-1Sw3ZXByLjWwcRYmz6dQ_cRK6cKeel6W7EfY_GqXHsdUzCogcql4B_xKxBQ1cy579a4oDAgDhUGBRLtOHj2uICNBn1QtdCeiSzsUJypursLCO1xqe1cytDAF_AWFC_Oerj875jNmcr9BhUyncOZaCaHIqDG1gAtPuE3a7Adjy9XD2xnTN4FEAOML342x49g_2WZCr1KxXLz4Bc-lwBYlLDESf1YwIa2aWc2_c8y47dp60RosDZrhAK1QTsBrRoqwsYTzIuHQWPXYHWYXOsBle4jVZ_QReDQbp-Lib-Wda_l19yf05gumiZJvHfgN8jQMks23cCnNz3zYQ8O0_eKMy7pcdNHlCZiFEq5zHQ21RPxEJfYWi0bJ1eIiFB7cAHb6RIFAmgc_oKrkgmhADx7c2Ozht94ayCzFdKh_y5KRk4C6Cx6br_mY6BhDy7aLxdmEj7qFGaA8My9ypq4dQHwWd2r6C61kLX69BmgrVkuJjMbEHTegmjuUgv5TlHT7FKjFaFq8rVksmTefES7pUZpKb2MLqdtzRmy1jbZhRnwg3sYppph8_LlYS10NHhSKyUh9gkbv-ljGpL1MkOPHWaqUYPTULl03C2LOIZzzWpVRgt-RGtf1X5ygVp5odRnEqdLNNgURjC7ZSNVAe814yue8GCdrbdZtDeG1iQNjESR0lEQafCacFImb5_H7UBAF8f916YmwsZcnFbaIPwPCAroHb13XlZwKCuI10anpPxQUnRCsDGPSSv0R-j1DyZhwswlSG46M14EXWvxh9LO-QyPn49ZVJFjrysthS4P-NxYcdGToycIjjQSBkms4-rzLBOPe-iD5xWqudCcGGv5Qg_xVGuuwGurEVx-uhQ3Efx8fVz_GWNyDRwDBmabx1AuTmNOiWaxnXWTCym3NmVanL4FQEYrtnyC1Y03gaaWoJXbv4ZpSOYDPZpV2ubqkVJdkJluiqAilfgQy38P8jNYeUM8vIizqdPkUBFuWaY0ToaNTX2mglbw4W0xESrkyT0rA9g2fQ6JDNE6qTlucCAxnytAR5ENe_oPEwYBoYiWz7KtAwub0VVMpwchPhmOI8_OxDUGX8LSi4KaTd78j4vHMbWUb55bv2RGb5fk6gnErKm1Mgz0bZMF3QE5MsA3TxFqt0Oh2WCPC9-vucKNOUuLnZuDU0knU0QCNsj0BALTY7-FJkI-O7weyO_WgIBqMO3GSOTtTryumMcY3w9HZQzZIITyNPfUYLZkf3D3mwtSExs39vNTFJkgViaY2nnoCph-cEVyk528Scc0GFKM9_WKcWi4BOk6jdTqbxBsNQ14o4jOP1GxavBvdkARLzwqHNlqQMMaPCfjKpLtBek6P3Fnk-WAHL_7QRcleq62vzeW-S5syEj_cJnxgvIYsuyk2HIiRJRvpAyamsNowIUqT8-8xOSz0348J0GXy9MR3n0gLjHrKtf8KV23uBDNIBcOwB_JCJ3ZbkFJnbSAqejZc4Wgnrv9zWB-6pGeF_AFF4qbdBBuJKOMxYK8yF932z9AOyZsAD4S-y79Dheq5TlOvdm8JCG4eRVI67gSuFR9K9pjx5726RkwkcIZMvB5DCTVg1hp9cyyPm4vUU5_R-F2B9ql68hsZkv2S09AoehLFF1mYA4QtGKNpSGkq0k5qtt0&cid=CAASJeRoR4p8HyAqel5sczG_cPm5EC807KtD3DT9geAYIZbiJppvmMk&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:36:04 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame 28CC 30 KB
11 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:39:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11717
x-xss-protection: 0
server: cafe
etag: 8998177921611256807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:39:05 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F8A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1

43 B
341 B

23ms
23ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj73NDBATAB&v=APEucNUjFMS7JywVu2QwaERFaXohHvdcR61z8CjQulSmhwUD4YceQzBLSCK1Dm30zq8LX6BBHq_EkoTkaAggfeSq1VrU_VsVlukyWLl1rqeCIL-yFbEgtk_NpFCxFOtfjBjJfhLPmvq81pEGcYLe61gcGvXd7BmZAMoi0MFnyV8uwNmm7tJ_FPg
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74daa4f83de79265-FRA
pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEnJ%2B%2BcRyGCdKcutsdlGWjdrqbzmeu55uEqyN0vVMgP0x5DuelCaOkz13Buki8JWEsoSean6Z%2F8n7629RwA%2Fbc4NllZbyLHd%2FZKT2OG2%2BADvzmKIo7a4GSfnpC4VHm3YWSUd5vVhMWMqAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F8A3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yym1VcH8vwiFSBs-qsoP7wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1

43 B
875 B

75ms
58ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj73NDBATAB&v=APEucNUjFMS7JywVu2QwaERFaXohHvdcR61z8CjQulSmhwUD4YceQzBLSCK1Dm30zq8LX6BBHq_EkoTkaAggfeSq1VrU_VsVlukyWLl1rqeCIL-yFbEgtk_NpFCxFOtfjBjJfhLPmvq81pEGcYLe61gcGvXd7BmZAMoi0MFnyV8uwNmm7tJ_FPg
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74daa4f91d506987-FRA
pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEJ5pWl0ggt6gaFEbvbZNzAgMS8L6ETAhm4DsujENgxGttWsntMIFQc3NupW4IkiZ6xY7oA1k0FSSD4g8YL5GQO2F6BrXiCdiSqFjWkjv5kndnwkollHdYcBYFSqM0ZIuEyFc93NAFr9gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F8A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxTKdVPV9b6V1WWaLKAZQ&google_cver=1

43 B
1 KB

16ms
16ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxTKdVPV9b6V1WWaLKAZQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhj73NDBATAB&v=APEucNUjFMS7JywVu2QwaERFaXohHvdcR61z8CjQulSmhwUD4YceQzBLSCK1Dm30zq8LX6BBHq_EkoTkaAggfeSq1VrU_VsVlukyWLl1rqeCIL-yFbEgtk_NpFCxFOtfjBjJfhLPmvq81pEGcYLe61gcGvXd7BmZAMoi0MFnyV8uwNmm7tJ_FPg

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:01 GMT
X-Proxy-Origin: 37.58.58.250; 37.58.58.250; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: a9e59524-768d-4a96-98f9-f93bed47d618
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxTKdVPV9b6V1WWaLKAZQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F8A3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MDM5ODE5ODg4Njg3OTc2

170 B
188 B

24ms
23ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MDM5ODE5ODg4Njg3OTc2

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:01 GMT
X-Proxy-Origin: 37.58.58.250; 37.58.58.250; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ab99b1e8-70fd-47d4-8d28-2b6ed0d426a6
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MDM5ODE5ODg4Njg3OTc2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame C643
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1

43 B
422 B

34ms
34ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjlkqp5MAE&v=APEucNUtZv4w6g9lutWbZPO4-AW9X5YuhltgZeRzzbn5fl9HZySHJmsJeZLJe6vvtH7VkOO5hxqwzgSMt-4Z_2C3FLFftodOU3BKQMVV5fMcRhlo5Olb5i63T8Mw7mtIJLeBEbnFudowtwTpIZTKj6iTEpMGmj0wn0FeMW2B2f_qOhLk6AC34-k
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74daa4f84dea9265-FRA
pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCjNrlZpzBMxI5m5zTTVtUDnDIoOyCx1%2B0PFbZyJ2hQfOdP%2B8KSoHwmT9zFfFyB4EDCexkeeql4poXP66ffUzKdZjIOWYIDB1cDmYHkO3%2FVFNvYs4md8Pw7eu%2FKjNzt6MnX2SsjDG%2BPnyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C643
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yym1VcH8vwiFSBs-qsoP7wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1

43 B
841 B

87ms
70ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjlkqp5MAE&v=APEucNUtZv4w6g9lutWbZPO4-AW9X5YuhltgZeRzzbn5fl9HZySHJmsJeZLJe6vvtH7VkOO5hxqwzgSMt-4Z_2C3FLFftodOU3BKQMVV5fMcRhlo5Olb5i63T8Mw7mtIJLeBEbnFudowtwTpIZTKj6iTEpMGmj0wn0FeMW2B2f_qOhLk6AC34-k
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74daa4f91d576987-FRA
pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QY%2FyEFSdVJOdrn0bypIEJ6IJFL4oJfr1RYExBYpHXle2QgdAmDjKIWeJRE0d1QIOUXgFT3D9KMBi3DC6XpPR61MfvxECv8r3hI9rYnDVtm7cSr74p1HtJL3%2FDYDsTl8qSaWqtIKOy3YB9g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECyQiykcCufNxzYAEcrmU3k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C643
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxTKdVPV9b6V1WWaLKAZQ&google_cver=1

43 B
1 KB

27ms
14ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxTKdVPV9b6V1WWaLKAZQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjlkqp5MAE&v=APEucNUtZv4w6g9lutWbZPO4-AW9X5YuhltgZeRzzbn5fl9HZySHJmsJeZLJe6vvtH7VkOO5hxqwzgSMt-4Z_2C3FLFftodOU3BKQMVV5fMcRhlo5Olb5i63T8Mw7mtIJLeBEbnFudowtwTpIZTKj6iTEpMGmj0wn0FeMW2B2f_qOhLk6AC34-k

Protocol

HTTP/1.1

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:01 GMT
X-Proxy-Origin: 37.58.58.250; 37.58.58.250; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1782d482-976d-4f2f-bab1-ce4463de56a7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxTKdVPV9b6V1WWaLKAZQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C643
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MDM5ODE5ODg4Njg3OTc2

170 B
188 B

25ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MDM5ODE5ODg4Njg3OTc2

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:01 GMT
X-Proxy-Origin: 37.58.58.250; 37.58.58.250; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8181ee89-d8bc-44b0-8921-37719fe14084
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MDM5ODE5ODg4Njg3OTc2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame D609 170 KB
59 KB 65ms
22ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Origin: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77023
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 15:19:18 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/ Frame D609 8 KB
3 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bx3Y_y8YD5jfzCRpseo8EkR4F2XHK40fgtOVcAgjnlBonbh2u6IrZKm4X8Ag4MflxIWNpCu972YP1k3ci8RScNVV2bZBU0Svk7eUYhmgYC2yrelHvj4EdYWDQHIYl1tmE05qna9YhVLrHXsgrAeuKHi_tSTA&dbm_d=AKAmf-B68MZhcIHRT5sGIZUE-xSdcXtjJgQ0TH3M7-CmWpj9w6yHCgNCMMWMZQBC3G1Lf8NeFPODvBiNCk4xRQ3Uo5YEtZR3k75wGVEx-_suDMs72vyzggYE9LVjH8MKUG2f0UdLKpxLP6sYlaOALvTku6KgJ2VLSFbBjlP86RC2LwZq0S79dioAwJr1PqrOpXKWTqX9GuODy7l-VgG3IzEHxXffO0sn0gRj_oHqkj-2qL_ES3LSQZmvYifoM2xpmkqCPCZeet7fd4Ke_iWThZXhfFxTju4mdiPPUIihbytkT0-KZ-tqS-ueuldQ9muKZCcFcISP0764vG01ZrNHIjYfMKrOUYS8vMICUmPvSMNJ9iKB7MzfHnCrcBk13s5qJGMtJ5ZU5mew1WyJfPj0D8s5GxUzMy4X1oie0IjgrRYKOO7nLC_e1gS7Kg8kNO1m7VzrRL3jUfN7zAteHOHcokPkNgg7s8uwmb13eTuRZ3Dl2mHUTDMpASlkwo0LVbj5gQjXwtvw0GYIBosjeSNy2HhNmoASA1sVVXgGO7Dw86Vfb47fZmMamSiGBcz4AgcmzgtFcaVLpcw8IA8mYDVdMKMIHsmK5d2J0_VhQI3XCyVWm69Fiq_floVsGgfb3ZIT5lj5t5w5YUWBW9WosPKS1Wsdg3G-J0Ym3bFka5cmqqIxQHeZFVZBmDhETMwQMaY7xP9djnbaLxbnt0JZMtnnl1wH44JqFbd7qgPlnCB_fSyddY7chYMfrkkbPs1s3EDGjOZ6g9wUKJyhzZtyIze8yv_RODg2nh-rNKdkil-eulccgukkuGa_9iSatslT4wMKtCki871UH8dZx1-S3CU1z9F4GdfZOGXmpl3WTL-MM3CzyPbLIAkpSUMJMVWZL4h9hbU1zNTl_rOrwbJoUfCM1Erq1SjXN6jknUpsj-kjiOngrAge7nn554__7fFLGuwa9FZog-JSUfItC7DM9xTN59wzDDhDBdCB2nAdpFCFHnjFdX5eIxVVmA0Jd6WagvOl1WZg3alaHUB4jNjIDwJVKOiwiE1MFYzS8bOpuCSSCNu6RFG5lpI08f-5mZAbniHOAyI1kTc9DClHMRQT_dMVfTFBcWnQUWmcFi1_qYsTq3tSetVgNZgxY9oKRbBmFNHEKMjw74j6GGljXkHiFrlm1XpvtbpfMC-yL__gPsKlfVW7bmmqmg_N8cQHexxLo2tEDchqg339hdQb4w2ABkcMAJA9zFmq-Amuk_BkZFG7vq_hRCnAWdFaql2qORuJn7r7q0uIrHdjulIgb7RfRsSXSztA89lP4XIbr1LjDVxAloqh6vESIrA6iIRHPqEGquedHgAq5NxoIXIefdPkWGxRQ0nmDWYVkxrtyRIPQ2jYijks8OCmEWkIp-4q15l1EvQR2YOYcTk6u7Dsj8vOU3YohuzD4cTZr_NJd0QQzSNIRvwWEE-l6nrIQ7MRnrLjXZL5F-hpsL75kAMBP7B5zHhRzQM880s3gnudv_5Pgx8i5bLnIYKT-dFi7FQvY0_ixExOL1T_f_mqzPzjXrEcPRpEkWJQ7L6LB-MpnfURpfv2id1gjJFYx4LQZQj3em-hA1yPX1GbaDn0FR1J3gn3HgiBY3Xhi7vEyeoCwj8b2fqv1uVD979E3Gg2hgRHwCgrC1nAZE2wWU1sbPaSuc_EbiLwAeen-C0HNxQitxFsZWDTvh3psxstINFWeejkD0qMYAo4mcixXrWdmhVjsrDstjIt6GQWyoLoKjlhv6RM5OPsUYCL2MQpf1T33xMv_GbgyCtFjhUeRc-5aPpQ-JElDNy1QrAlJCuRcg2hsgztPtQqgImNii2shpEKgQhmuPJUDxuIYeyHA2JPaxxuxVd00L9tJeq3aqcIn1DUpGN1KDOlofM5PAWaOFQFWw7ee9fxNxPT4gkPJstMWwrxOBKWq_mOwXbGoXjMjgFzxHXriBLx0NRLLqPr8T1yY7L3JjjpK2QwSR0uJMl4oyGvrKzsB6m9QPosizaIVSgwAswL_RZC5R6YBMu_OWs2JfQoI3yHrcvFOrzeIOvrt7BFXtT0At0WimRTmj1AhQ_hGWWEKwjOSiACzdp9H03NlIu6Qwk-1olsH19LHVbLEdEZm7WZ7aZbftsolZo1gGItj_Udd03yk5jC4gExA6zO3fPMCYG-71XzCwKxzkPdvK9pVa-iS_12Blk8M7MGxqJUPiC6RuN0QSE_AZCeD5X52TPL5gfXaalZi_gI7AmIbXKO3hDDRyrj6FCZK1hH0pKQkD4sLgFgSikMgcoHUpo-fU7cNRq_YT6womS8UnQwF5ZmLQTLaF4WmyX-jtc9jhCF5kljQGeyt9BT4bxHNwijV80H8ZP945dxIE05rWqwr4_Okr6_OOgXeBC85EHOyP1gAEQod6lWLu5qFZcyPF0GJsMHe8vtIXktLpFNdpcSOy32cKKxvE-kTTZbLCLlzxXnMmU-byrdd9UM-fBnZcKTFm07xploCXOgFydQL8qhr2eghBnqUlWmtJQk7zr3NXgoWrWoaeUiaQme6Qo7yOcGhED3tFcKiqcQybNQ69gIX-0bIahpubUhaw7KOtiOjO8PxUEV1Os0j67hKdqOlQG5UqANv_iJanoxIc_2yVFF-TL0evF0KKoS6HCwYNlI_fdC6L4KHf3rU_qwgXZNvM8k46YiTY9--KmAaOh_WdilxjEG85KMFOsDkrGk6RnNgXqw6f-O2wqPqDE09wqzR3XzpBg1AuvrZoBAASzY_q31nZTXylqOQZ7yakw6aWJDJgUj-XnZcBN_N4j9meahGgCgxMoqoh6lwnJ5m9bXdDdV6LVb-DIF8F3kGiNxSqhITSdquH8PxOuCyro7WE8ezRaUzkIwTOpmbfJjFyYiP-RiAchKkK3t4uMC3aTj4oDyD6PBxOA87u7estjjHu9_q3FFOYyySg2RLCZ-DY7vxA2gJ6wP-6laUruLWwA6q19ApiIRsfEV5WDVHWlTYXZgfQ65Rh1TssHAg5-6mDIDko0Lv3mG8lZA6zMhzsrW3LYwkt4mrfg5ayqA-pjd9zbOXgsB5CrJ_lGEl1UAAXASWWYcqAgFidJlHxW2HPE8ZIM0mE5DOD6SktgKGayMSrbDlBbavSfnWIoofY9jiGx8Ax617uMGitziGOPGc3BHCW3r0sZjz0yqlLR4kswdLYAA5NnNrlzjVb2gzsFF767PR3qewYgFTyRaAaUOfcJUI0i3_H8M51DQXOrd54dCA2J2BZaCH98ogyJCXOR5xOOym7OBSOvyyzKbeN2Wuetyb84XmWfB7g&cid=CAASJeRouUIMDjli6WCs2GDHXclHTMOcNXNHit7wMlaHzhaWZxxClMw&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:36:04 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame D609 30 KB
11 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:39:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11717
x-xss-protection: 0
server: cafe
etag: 8998177921611256807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:39:05 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 9450 170 KB
59 KB 66ms
32ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Origin: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77023
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 15:19:18 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/ Frame 9450 8 KB
3 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DEigeEXq9HV7EFq0EApxHIxctrEmN7fyhvqxjplQMrMYi_5yV4tk-jV0IqXoRS1vBGzimiofy4WmTAqTTEFOZHLCauV0l4-xJHTAhYkDCG8YM2JQXK6o6ZuNJQo5PtlR6JMbNKLNYT983IsSCpi61eppNmNA&dbm_d=AKAmf-DFuDP4_4pN9s0Z9kKjLxL1ps2fwEKSk2qZfGLMAbv3R6s_h-oJ1v8HzW8uMcOh8NHOP_oo05VCi_g5YMjnucm_cjZKrd4W9hPLHGL-5LqjPBlL0ugjSH_SZJSrwY5RSNLfC53vH-3vX8a8XmdJCIbLoto1-M7tE7u2c9qeGx9mrzGF0yi_XFo_kcvYCAuKR-BXG0WngvwRQnJkim0VkYvJAtrwWSbhWqt08dK1jI0lE8Orh8VrgqnvJi49yDL8yo17Usa0hZcZgxdn1XH2DF-YPRzk_1Tsd-E4VTZ7TrqJdaZSUTtRfANGRZR18w-0PADAatMiQuzHlvJts5xzt-y3dEi4ANOhG1GCoHfJ5WYUAqfOTV-1nT2saK5NA1jdM08XsCmw2cK5S6CB3c7ViijMv6vTHpmFeYXVrgQoVbpdmDXANHBH5S5ACI0vQ3QDo67nLu5VmM-JD7FQYWIECfYYx2LVHiXkb0Seq7OxSRgVvRAeaSBMa0B5Ir06dd5lW6JsrHC87cXOaDYjkT8XRwnUQ2VDBC526JmARBBDuEae48GCnZy2qQrVWMCWVJSUu_xxunM3cAvDvK_XVcB2qW4PJK1RhiTJCBisOTLcxV4lHZmVUcBA_2Y5fgV80mJIxwi35HculLGXSECanKi9lrmKpoBbKdMo4TGvM1JfF7pj1uceHu-hcL6AD6wCVcCmlRKk7QiXcHuGmHM67rVog8jUbvy4APqbVtuIGBWkjwdma4Y8d9uBg8NsW_167CdTJ7XCVwKd5zvTg1dUZ3e7ui2PLZIK9Lf550fwIWrQQja1Kk3iC2f7hYvuQA0pqSus46XJtVdumrXxk0a6AQ3lFEkXKA0KyVWiDZZy0VGOcdyM1fFEDeDdXJDgKKu7-fgDiZVGB2TWXiA64XCY2BaQbHJEMq938fzEyAnvLiA8U_hPzOzX3JYluxZ-qg5CDPRNvi_JpyiNcFbiIuZd9xcwKVwLnqHTQCqA52ulom197fnnCAE7e96suXhALHQdIfLIpNZHdhzX8dMT3eu4VbbKlt-YkzP6yyxP2MLveTcnK7k7Ks6_Uq8klceaRJNkwtaOjaD6Z5lxi8-n5nj5oKjQIRR5GKMfM_qwEWvr5Uz0Otpvs89-DJbWlJ0VdMJL0TzSWyvYWaSlICXDYemQcgQpszzmm1I0G1FAiXZtJiJRcgulw1L8w2jj-yS_gMyuezWyvnS27_zEz6pT7ZyGVu8AJ2rtFUra3r_fupM9EIF7JmxoxpFhJtTsHXAiF99mwpfdmvuJulozlh-WlSjLLMQM4CWG0j7CDmUCWKulknQ50dUN40nuhqOOKBNmBk5Qb2CmHVkSRat3YGnRhdP9HFhho8_AdYFkBiuBsLNnmhHAuFH0nicnvLbhu0901W4moizxn0fJvBR0vS5do7mBmxGwQO_SMCeob65AGm3QpeIuOEnxd9L7HaiZM1QQhpAXSDb9YEv8RGmBSkxHIO9nF34fXw4EKnNGOqDGMFT2GxWloVt3FSwyCArMurDH8IZNz-_gAWTAYfExKAI8BohedqTDGc6uvZOMgf2jK6F2SuQ7rDiqe0dfQTFz94GQGJh462i8vSdygNgjfEoO1Ug_6TZyFXSqlCpwBGEkQhgGsPqwJ0C3p0Z_m8emAv1qPYP2HYOx_sNOmkO6NgMEHSRqOrkTYYZgrFWsaGIiVgo6UPcwln3q6Kgrl5wH27bpho4WdIoO4ntWHyX2-sApq3hTXbLYszdOnlUPiQduAPz9HM2nR-vJauo2okY-XhMq1v4-2V1Dxq8A-tptlWpVsgBilptovSsDELOwMy4k3L390X9aTWW4fxxfOwOZ1kCbcmCerVcaDyXLuoGITv8w0P5sEdzSEP8xC7wao-fT4S3gvpagfN8qQjOto5AMsP5gFB_Ovj30OR5s70oG0fXvN_3ZOL5Rqu4krDkbvvYueZAWAL5Fl79T7IVGFxkjI04hPYwvYhOPpzPPU8oku45T01w0QSGJ16Hsgmo-1fOnvHQghsJUiiShSUKLpRFJpNb7ct1ni3J-05Fs344UDR2LkMTbFlMjWN8v-TW4vq3-xw1ZCVqXwnU2fH5MORRLSWPxeTVYqotYT0cJ3EU1gTKRcqQH2SkVbyntYr5Z_Cs26-olTEO4mKcsvhR5VFuGNWrpxMcpaEFyv5zHLpYBVVopT7pWAwFV4F7Ygznp4QLda973VMIvcM4Igmx1YnXQDiJxXlNollBuanfJ0CAtFJxxEwnmi1bNAEbaDeVYsoijzd_lzduwDT4U_I-p8VkIzS2bIIsNYaFlwzf7hKsULxuVsYa4BCm5mNrxx9kCiF39AWUFVpvwOvF4ZhVR0aSu_nT11ZXjuK2mwXPdLIIl3Aaf9ptiedQqCLVslZYr46vjWyoe87ZGM3m0nwsznk-aSGlqfI6Qjjn3pmP63UtjlOxgCw1PGTF72ptIkzC6t99JMBkNP3b2qGHv01sw7AHHhJNfYNHGbnWqhdDGlldLoQXwadCJBR2qO28ERAZjmmjzoJBBLsFw9wqvL8Q7jVPFcXVy9zwVZa29uVtxKfC0rI6l6VrifwtBfPZAXo-9WbvBNnDnJH0MIR2BRYF-wXQ4mkJRjW8zHJ1JRq6bSSbUd5W8YQ3bY2sAfW4QEdkFjy6m-hWAL6bmo1k18aPa4VKKbdmBA9dQuZ_XNBoaXHeUK6xfygOiS0vC3wNKeOs5-I8vMXvwF1CZP3SUK68ZYZcVBX9dqf3-Bu20CW-4fAJKQ9pTHPgASRcLyr3H7wg1lPFUBWV-DIEehEN0M7IovplJCg8lmFtrkOskq5ezhYel1fgPg-j1N1w5AwnDUaDcRcbU86ZXdlDsQNWWv7M2NIwNBdAy2b5BU94LtldAl9hz5b1EKFk_h4xNgW3H2Cl3-8_VhVFtAPIObfix31DEFN2rRJZ2wgvW-_8Zc66oNxrOvz1jYkqO115U4dQQV2ovx4AYGrQFZ0XHZ2xoJjv8UgYHhjAVK20qFG6hHGQ-X_QVQcXFg5i09iRRwQw5MDv_H7vKLVYoGwPpEE_1G_XQEsZTs_uHIrFWdBubeJRQWYavc2hdfyJDwyep3q4XQa6pCX1zNUGJnisJYQ_4aXC2uLcRQ8w10vr32Xg0y9iS5TfZh6WRZoPkyyu9GubJVlHRDcTGDjIlr4Be5o8h78hHiRzcIXfdZ4Hwdr_nIlnVhLMuojcUDGOgVAtuoWLZ16J0Yt9CXPCf9kBfZ3YqgyKk1rSeg1lKfoG2EqT8dwV7QYawWNCveIi0ssu74gGCE-uWtw&cid=CAASJeRo2TWZYfNoSM-ZvEjMZBHPtXLNvSY9C3hJZacEU3d-uWSVmeU&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:36:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:36:04 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame 9450 30 KB
11 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:39:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11717
x-xss-protection: 0
server: cafe
etag: 8998177921611256807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 12:39:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D40D 2 KB
1011 B 98ms
38ms Stylesheet
text/css 2a00:1450:400a:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:802::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2464f998b38ae5f4a6f68dd19faea6939ccb6db5388ce17a0621c3fe186f859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 11:02:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 20 Sep 2022 12:43:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Sep 2022 12:43:01 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame CDD9 0
104 B 234ms
64ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELAsrAdGXv6hB5_T59_YWiI&google_cver=1&google_push=AZmPxg-jiNfj8snjcxWGLcYFsbzSpYrKFgRszX9zAwE5uih8YTpOIkjqk7Of-ym7c3cO0r79yjK29ADEWAhPDLRj-6JPCFi9a4diyw
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDD9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFVR3JfqG-IC0vJF5wQicBo&google_cver=1&google_push=AZmPxg9oWGRNjlpEE0X4ho6IPL96sokRx0uIifcR6VdXqiQVfn1V1qqUTcnW2dcN6ref2Erh0kUo3HKrnz-AxDjD...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg9oWGRNjlpEE0X4ho6IPL96sokRx0uIifcR6VdXqiQVfn1V1qqUTcnW2dcN6ref2Erh0kUo3HKrnz-AxDjD4mOBO_DWE3Vp

170 B
188 B

26ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg9oWGRNjlpEE0X4ho6IPL96sokRx0uIifcR6VdXqiQVfn1V1qqUTcnW2dcN6ref2Erh0kUo3HKrnz-AxDjD4mOBO_DWE3Vp

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 20 Sep 2022 12:43:02 GMT
Server: MT3 4505 5b23575 master hkg-pixel-x12 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg9oWGRNjlpEE0X4ho6IPL96sokRx0uIifcR6VdXqiQVfn1V1qqUTcnW2dcN6ref2Erh0kUo3HKrnz-AxDjD4mOBO_DWE3Vp
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 20 Sep 2022 12:43:01 GMT

GET
H2 503 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame CDD9 0
177 B 78ms
8ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHAyKdZ2oIxPHZ33HeukrI0&google_cver=1&google_push=AZmPxg_OLup_o7rga9Da7PxFHhrBB2q-PIvBHhAQmwcYllBvzGJnDtduEbBsO1egdkSBXZ4yc-iriTtaJah81IFELNbMHGiSpKqWYQ
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663677782.867580,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19163-FRA

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame CDD9 70 B
264 B 37ms
35ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEK_qtQOCzqDxBFPxtZjFrKQ&google_cver=1&google_push=AZmPxg9cZnZyr3b-hdL1eNwjlq_NPbMFqsUJRLKtHXrxOL7WN18y2aTM7qmyQM7W4hkED2tkaLQKUH-5MdXIUsw9nU9JSbQBhgcsvw
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDD9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMdqsH3zf7uk8aSD2AmDYyY&google_cver=1&google_push=AZmPxg9lApMZuaUWYKYtkzX23p6plyul9NBBA9yS7S9CMR4borSqLzTUDkzqqDNd8-titJHY_s5...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhBNlNNWlYtMjItRzBLTg==&google_push=AZmPxg9lApMZuaUWYKYtkzX23p6plyul9NBBA9yS7S9CMR4borSqLzTUDkzqqDNd8-titJHY_s5_gvh_gXRQX5pRIr0PCcwwrkeaRg

170 B
188 B

26ms
26ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhBNlNNWlYtMjItRzBLTg==&google_push=AZmPxg9lApMZuaUWYKYtkzX23p6plyul9NBBA9yS7S9CMR4borSqLzTUDkzqqDNd8-titJHY_s5_gvh_gXRQX5pRIr0PCcwwrkeaRg

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhBNlNNWlYtMjItRzBLTg==&google_push=AZmPxg9lApMZuaUWYKYtkzX23p6plyul9NBBA9yS7S9CMR4borSqLzTUDkzqqDNd8-titJHY_s5_gvh_gXRQX5pRIr0PCcwwrkeaRg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDD9
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEB4ox0KbiMI_At1civSDPuc&google_cver=1&google_push=AZmPxg_-yFi79v6HWy7MKDEu17ZI8DMCcCr_n6I_tpKn6LHzAdqR46H1kslgCToGtyYKI6yUliI9WUBe_N64ZIja...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_-yFi79v6HWy7MKDEu17ZI8DMCcCr_n6I_tpKn6LHzAdqR46H1kslgCToGtyYKI6yUliI9WUBe_N64ZIja7sjfOinEtm_LyQ

170 B
188 B

25ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_-yFi79v6HWy7MKDEu17ZI8DMCcCr_n6I_tpKn6LHzAdqR46H1kslgCToGtyYKI6yUliI9WUBe_N64ZIja7sjfOinEtm_LyQ

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Sep 2022 12:43:01 GMT
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_-yFi79v6HWy7MKDEu17ZI8DMCcCr_n6I_tpKn6LHzAdqR46H1kslgCToGtyYKI6yUliI9WUBe_N64ZIja7sjfOinEtm_LyQ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: Du8PV3aJ4tnhJYHCAY4hJWduhyrTgJkZRVVT0ya63N3MGfjiTPFD4g==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDD9
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEM94GEvOS9SwR2t9FP7xlQA&google_cver=1&google_push=AZmPxg93tizFi_TI08ChDLmYIP7mE63r4s90zEXJ7g56JLUsT9eSC-7xYLavZkb4lEc5SuKYX0UpWAPKyOZm2scoCdr-Y9NfYU...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk4MjM5MTA5NzE4NDczMDQ4ODI5Ng%3D%3D&google_push=AZmPxg93tizFi_TI08ChDLmYIP7mE63r4s90zEXJ7g56JLUsT9eSC-7x...

170 B
188 B

26ms
26ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk4MjM5MTA5NzE4NDczMDQ4ODI5Ng%3D%3D&google_push=AZmPxg93tizFi_TI08ChDLmYIP7mE63r4s90zEXJ7g56JLUsT9eSC-7xYLavZkb4lEc5SuKYX0UpWAPKyOZm2scoCdr-Y9NfYULBpQ

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk4MjM5MTA5NzE4NDczMDQ4ODI5Ng%3D%3D&google_push=AZmPxg93tizFi_TI08ChDLmYIP7mE63r4s90zEXJ7g56JLUsT9eSC-7xYLavZkb4lEc5SuKYX0UpWAPKyOZm2scoCdr-Y9NfYULBpQ
date: Tue, 20 Sep 2022 12:43:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CDD9 0
12 B 23ms
22ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L4SDxcB4AW2-7QGATt0euACpYkWI3jRoXIs16L9aJ_UM8J9tcTJneo4OMt3Cg8gBTMF3En

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 49FE 2 KB
1 KB 24ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym1VAALSL8Iu-KpAAYIzp8ErF5fVBGjXZOxyw&u=%7CTWikUgAWzViqFhXS32Kw%2BBlkmgCcg5jnh1D%2BcXVOYO8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8aH-p9QRgQj1yDpp-4lJCYY3bX2YbWD_ebFCuR9E_-r0mUQ-YZIsPAnYJjJvj5hgesd7uSu91h7D6Hv-vow67WGWDvOezoYrRRJf_4ayXzIRAp8TfYNp2GbSv1ylIskZKFyb56wVGSFvrCAhnA9_BtPjuK71qPfS8YQLGlYlCgA8h2_92zbZ4HuCKkWpbUef1fiph_g963SSacyhuyjqQYs5mV1WJ5wgZZkK0dfTTpbEB4YslJmQur6rFO1M4gbaFQn5DtbQhFHerudOK-dlHoTfWSBTmrX5HxMGwZkq6aj7ug_F9j0XdP2oO0ZkQBONyH1wpkOQSPNxQuhC72RsWhgXZ2iMMxdYZTN-Yxu630BU2pjpQjsMrVEfXS4agGWfPP2-rnLtwzsY4CCHttt6r9sS8m0g_aUvDO42ZZmZ0dg4jJCo7Tjf8LNIcCbXKhDPKv66yrC8exco3WAZ7vtiGO2X1HzhB5y7pE0nUrWGZgB5O9jMVeZ5BUhl-74VSC0f-AZZaoLDRon4ooniDPJ5Lf-leKEHjupqXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3orSVLUpY7-RLanF7_UPzpGY2AXJntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQK20GMU1sqwPuACAKgDAaoE9gFP0GuWrPl9ZDk6PnfRyRgyxbhaqH6HEZ7vt56r4MnFrrOz7W1nFksm5ubt_gqDq2eyYvm-RNS6FYkHtBLFBUmkxgjW70LlRLovXWNMNC0BGH5Q4FFAZYpZLRTde1fA1ufoQzClgDEqamocIH_uq5zi3McpJo0xQL6DgxwOmjF-koEMXGmp8NjktIyxK2YXSBpBei1QP07BdmBSGQ4hdkHhnmFr3Ym-StyanpQtdALQ4i87KOyT6VcKLHpBBzYFHEkTlRTlVJ8l8q2YLkhTJFJFiLLhLtyuBXhVmQ5gy5Ih6EXTqlGKO0FxSIJTdDjE8atwOtf6s93gBAGABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0nh2Kp5GS3U2UUWDU7TCCo2nq5uQ%26client%3Dca-pub-4491659496372172%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 49FE 2 KB
1 KB 20ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 49FE 308 B
636 B 15ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 49FE 293 B
621 B 15ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 15 Sep 2023 12:43:01 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 49FE 43 B
347 B 18ms
16ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=mWBBygJ6N5xdH3oldp0yrA2cxHXj9gvPgt9xlv4CtP0L5rYaie0Oij1NA-6uZTgV_kqD4xL-V5CEw7cqmo6XDNcUheQ3KUYlAaH9KAE2pQul-qJnqEnGNrfJvIwPjqvm1kQRL8zCd9lKCeLPVL41zwJt_ihJ1H7-Oht2p6Y-7SHHpA9lYB2uXryikB2tkiUsMp-tvzA0brdpOOq4s0XNhxKYqsmNMtJ1-m-Qr-TAAUl-JzelkOCVn2vlXgezj4Je_K0dUqCTrNVrgj2WR14_OaiR0nIw469k7NWzwRnrFd8yZe-3DyzmkbaghbKcS6WGZri2AkNUDgdu4HC_tyqboHWi06t1wzK3P9Ay_4ShD_X3iabFXVFrxTKV9t2q0nx36_GsMJQWgFqLFzVOjEUerf1am5QA6khie84wwxPwZaIjNqMU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:01 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3322809
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 49FE 44 B
753 B 103ms
101ms Image
image/gif 2600:9000:2250:2e00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1663677781
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yym1VAALSL8Iu-KpAAYIzp8ErF5fVBGjXZOxyw&u=%7CTWikUgAWzViqFhXS32Kw%2BBlkmgCcg5jnh1D%2BcXVOYO8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8aH-p9QRgQj1yDpp-4lJCYY3bX2YbWD_ebFCuR9E_-r0mUQ-YZIsPAnYJjJvj5hgesd7uSu91h7D6Hv-vow67WGWDvOezoYrRRJf_4ayXzIRAp8TfYNp2GbSv1ylIskZKFyb56wVGSFvrCAhnA9_BtPjuK71qPfS8YQLGlYlCgA8h2_92zbZ4HuCKkWpbUef1fiph_g963SSacyhuyjqQYs5mV1WJ5wgZZkK0dfTTpbEB4YslJmQur6rFO1M4gbaFQn5DtbQhFHerudOK-dlHoTfWSBTmrX5HxMGwZkq6aj7ug_F9j0XdP2oO0ZkQBONyH1wpkOQSPNxQuhC72RsWhgXZ2iMMxdYZTN-Yxu630BU2pjpQjsMrVEfXS4agGWfPP2-rnLtwzsY4CCHttt6r9sS8m0g_aUvDO42ZZmZ0dg4jJCo7Tjf8LNIcCbXKhDPKv66yrC8exco3WAZ7vtiGO2X1HzhB5y7pE0nUrWGZgB5O9jMVeZ5BUhl-74VSC0f-AZZaoLDRon4ooniDPJ5Lf-leKEHjupqXg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3orSVLUpY7-RLanF7_UPzpGY2AXJntKxXPWdmPdwwI23ARABIABglYKAgJQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzKgAdW20uoDyAEJqQK20GMU1sqwPuACAKgDAaoE9gFP0GuWrPl9ZDk6PnfRyRgyxbhaqH6HEZ7vt56r4MnFrrOz7W1nFksm5ubt_gqDq2eyYvm-RNS6FYkHtBLFBUmkxgjW70LlRLovXWNMNC0BGH5Q4FFAZYpZLRTde1fA1ufoQzClgDEqamocIH_uq5zi3McpJo0xQL6DgxwOmjF-koEMXGmp8NjktIyxK2YXSBpBei1QP07BdmBSGQ4hdkHhnmFr3Ym-StyanpQtdALQ4i87KOyT6VcKLHpBBzYFHEkTlRTlVJ8l8q2YLkhTJFJFiLLhLtyuBXhVmQ5gy5Ih6EXTqlGKO0FxSIJTdDjE8atwOtf6s93gBAGABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0nh2Kp5GS3U2UUWDU7TCCo2nq5uQ%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
via: 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: gVU1y9ovkEfd5hzVj_HyAXzuYUX9k5NKPJHEdb8tTmE6dNdOxfcUog==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 379C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63763c67c6d7ec73fe95ad0ee284111571df12657486c7e503ad384e38ca18c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ Frame D40D 44 KB
45 KB 52ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:26:35 GMT
x-content-type-options: nosniff
age: 494186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:26:35 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ Frame D40D 46 KB
46 KB 65ms
29ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:28:45 GMT
x-content-type-options: nosniff
age: 494056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:28:45 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 28CC 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 07:32:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B443 1 KB
749 B 13ms
13ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 15:31:44 GMT
etag: 48472445140208031
expires: Tue, 20 Sep 2022 15:31:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 28CC 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 097fcdda97c92bac2e9ae86095a491a4a091509c3eeef10dc7214b8faf3107fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7024728442041512453/ Frame ACE4 115 KB
25 KB 53ms
23ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4k5F7HlOqC&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:02 GMT
expires: Wed, 20 Sep 2023 12:43:02 GMT
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D609 0
622 B 111ms
58ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4v8P_FrH9h4ycornmGYxYixRK5nqpOEngVOaZIbajYCT5F4qo2ptLPQbmS4TQWw3nejr8787DPtl9fM6HjatzEa9bVfnNS67S-mjLbQavpeje4qXOmW1im6jSJOKsjAJJMCgC0iVqxvkEMzCUIT3WIIzWX6star6xpRRQH4iqB3AZSmKoc7AJq091oNN1JS0MwQ8JC_accswDHedcXYw7oM2cyppC4FtL_MFY9xxKOhxBSLYU_fnA2Z9DF804LnVZ_x9ZtXQaonZ-ntRKFKtYFUWtR4IcKcAy1zCjod80Z0mOHkdNMlLbMrTW1ccv_3Ykj5RY0p2eHUbs-8I-pUxE3P4ZwNGKfLJBC3kd-a1tHzTNO2yNsvuqlEeaVPCKaQH4e-pupq-pIpTRu2S5Ke5iFv29tP--po1fi1x7azCCvsJqTNP5gzadTZWKXBPmt3VYc6DCG1xSk0152hiIrrZ2zx3kiL3IMhHTeRCfgt49UjSMuZgM_HQ6CY2UFEv0R8rOEIpQrwK1Necb4VUelr7Tf7HvLEZ_oPhQQF7_0TcxRvRa5QcqioaFl0ifSpIFLj45oJCJDRks8z_ouCrpTq5_t5H2vypfpIi7v6xcoXGH726n_WG4zJKP1Scl-xbpX5c8p6FdA0wBPdeBZ9mwgZOdmrTv7mTzjVX_bV0DsX0XQWxQ1KLm9WdKqM0VGLTOs5NpsxtilTR-iamapkck6pfjwHoDziW5oC5ljOw15U90vfa8G7Up1bfRtBj7_xTxRBndQr0hBTLfZRYrL3_Y4dxvvjkQIy-jQiU9oPKcRQLrvfuJ_wgz9wR4Q3rFOYY1Da2JoOz4GREYrfGZIj1KamsOFmAWRR61uxzK2Hl4kfng7sxoihxbkSRTijtUgWDpJ0vNacWpJXZ4EqoFXBhdds7xBYv2Xy_RMRdmixTkPWeo4ViWRLTHVeCxrYnUNpikFDteU-TjCTKVj7F4rgNAP7d1uCBbTgJGmyPNH49QvdCifd-958UVsTSl9VnE0v21MrLbTNrBT_bPAbB-52uKRKFGDAK7jaJDDUciW9mZXHcgwfTsFaS6xobMTbvXZQ3ekpYHZXDgCJ5mFDVRq0TM4_nzeezt4YJNYX76UHl-z_XrGb-FUyfd1aosCfysE6aZOV_mrWvrSKb-NL3ZgwO771wjWbebYOdxbDQTRmIrt-eTDfp4MobRuSFjK0sTlcvg0uEepyhNG8-4zCzZMKu2ODBtRETCVw&sai=AMfl-YTJOvj4FmGEGFrOHTGJND60RN97rdL5NADPWBIrpwAswewLNfFpla1eC6cw0pxFEMWJAvW75d8ccpMBLj3bb86NDzFZYAYVLYb-sjKYY_P8Ku2vSC3u3_feDs5Ix3xwmvfSEkkwxo6BxifH2W7WJ-c7s3pgf0bjAhDfobd1X-gpBfmI3beq2-64hvINQofUvEraKzckunemCTN3nAlhJj2Aimc&sig=Cg0ArKJSzBtNVvdTEXhlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=222&cbvp=1&cstd=214&cisv=r20220915.69326&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 20 Sep 2022 12:43:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7024728442041512453/ Frame F1D2 115 KB
25 KB 41ms
25ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=Mh0o89bu2S&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:02 GMT
expires: Wed, 20 Sep 2023 12:43:02 GMT
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9450 0
64 B 104ms
60ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuAwJu2MVWvZ4EmPzHmBmsMWHrAnrqjrzJ1lAi1CzPy3e8AHEfTT6Dhp56FazeIuArEDdwgBTVdjXOlfd6fv1wsHylzzsSP_9hm7lFm3w3M5P3yfYskjniUbscqRENxm57m4m-4lz6sjZDSUfP5ia-TAGQAsdw7QZlyyM2tQzUWnQi-YvvZTgD7z5L--NeTlFWW8eFFQij6gKVXjUIXKNj0cScV3Q4e77SxgL5Bo4GQf7uAm3M40X6DOZlwPMEXfikoy9agRs10iC83FpQ7MgsFXspQ7L4sD21fgiivK7BKsDVbZmsnHoBNo69qmkMA7gFsjMppu7iOCVEle1dmfCfc_egS6aGcxK-WMwNB6HFRX3B7t74hFCJyBqt6T85uvSjy4BWBTZGbFw6mkW1I-WKOcTb1Z-dN0Aw71P0wFNGRGef1DWRnW_vi00_vsoJTf-9_79RnlCLQ7WUbY8HfNvxX_4dxw8faLPXF5qZ7p6PbpZNmtb-YpeHapbpE-WuBL25ehKgsmpE0n8QqzGSopo_P_GrQTm6jkdEl03PhFGImisfc4o0L0KTrKgU3Th0t_3HPh92ODokkUpQhQhu3obj8m7GoHINiBljMcGGPXcXI0keGekZs-siHF3ktr-yBw5yV7vYwQ735A-BjJfK4WPKyTs-i18M-XobxvGLWPIqjwwCEZSiSfNIeGclQPII1-ArV_AXylx7x5Ev5WADd3lEyMsWepY9TEImIJzoA-HcQMiqFSPNoldSKnE-I29I9_P8Wsh9cTdVn0aKFYFfUCtCnFmEKPZpkYXtlPyew80YRrO5ecgRaCfNo9_-oBYDpI548YaAXae630ABXQ0tojXF9VlB0uVD_EAAV4lfX4arbUJi_AJBenYryUlneGd0ptarL9euGkHDpK16d_u28UvtZwiOBrD5feT2btcPddxWpIEkcjDdVUOIh76uT6QzZPItJy3EKvWZnKxM6CpNK_wSi9u18VcP9G5BBfMsxvsoEZDbNjTj8QuTmlSUfhStB8CRqzw_eYkLxTcze0vkHtDawXofgpREw2XVxNOvpIDOZgJps_ZWLXp1WJYuom7tjCCUn3x6-y2n_76aYz0LCQVwmXS9KotX7y4EjueLnqjAnO3EwecQj_KkfN5dncN2bPfNZMgJVqDLtX3ZwK-NVCy1BxQvYq-1dZX7ehITHd6t_uF-FCGTzvtYSIhrnwJNQqG4zcW_sE5PtxG-IAZJAqPlQn8fNFrZa&sai=AMfl-YRTnJEKNkQYWb8oUe9A7KtpaH8XvHSGs8c4_TP-3Mrl4ja9e66smQH1mu4IXJj8XCSQDtfq1rORw78Q8QZuxNoeSB6n6NAfec5gq-qYce9hOTsJeBzbViXHGlpBah5tplyf246jVFekoMfWAckB_R07lYEmYxSqTsO_ZGfYZwW8Kpb8mW3BKJUcFsx2prG5MpQ80QuHoYl6jM2EV8YFzXFFsOY&sig=Cg0ArKJSzL93YxDKiQAiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=222&cbvp=1&cstd=217&cisv=r20220915.98906&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 20 Sep 2022 12:43:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D609 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 07:32:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0EDC 1 KB
749 B 14ms
14ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 15:31:44 GMT
etag: 48472445140208031
expires: Tue, 20 Sep 2022 15:31:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D609 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67bc5732b0bbe940d887683d50a3f2a5037fe86af3c784217480e833d5a38c80

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9450 41 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 07:32:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8194 1 KB
749 B 16ms
15ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76278
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 15:31:44 GMT
etag: 48472445140208031
expires: Tue, 20 Sep 2022 15:31:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9450 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4068d2d5b60d8612d714e1c375f0eb381ff3aa18201a19a29d722641070f9ea9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 49FE 12 KB
6 KB 13ms
13ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:02 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Sep 2023 12:43:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49FE 5 KB
5 KB 15ms
13ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

049197d27fc218a1fc7185322d281d1f12d8cb637cce49e815600869e12e463a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5240
expires: Fri, 15 Sep 2023 12:43:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49FE 2 KB
2 KB 16ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1807911
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1672
expires: Tue, 11 Oct 2022 10:54:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49FE 2 KB
2 KB 15ms
13ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a11a8094ccb2478ac3fe14dbe80d6c43e472d89bc6797c3aca65f509ff5a33ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1778640
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1654
expires: Tue, 11 Oct 2022 02:47:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49FE 824 B
1 KB 16ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

99db7c45413b65d885b0ed8ee9b5adcb77066510eeb758cf53c6fdd1f07c0eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1970942
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 824
expires: Thu, 13 Oct 2022 08:12:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49FE 2 KB
2 KB 15ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1286532
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1584
expires: Wed, 05 Oct 2022 10:05:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49FE 1 KB
1 KB 16ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d0fb5fc3a8ae8199cbf7d9b464d107f9613805f027d5cb030c4c2ad45cc9d38f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1698241
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1146
expires: Mon, 10 Oct 2022 04:27:03 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49FE 3 KB
3 KB 16ms
16ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a1164d38f35c8d9599848239639641326905ba695401405af5e5ed66dcd5c811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2391483
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2640
expires: Tue, 18 Oct 2022 05:01:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49FE 19 KB
19 KB 18ms
17ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=YAIFeLPAH54uGQl3I5DObQ3q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

83b19de212ca6202b9339b9c3ad8b16c1775d34cc7663631c12cffbdcdacb8e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28916063
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 19171
expires: Mon, 21 Aug 2023 04:57:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49FE 612 B
876 B 14ms
13ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoApollon-Dialog-Marketing-GmbH-243434DE-2003061509.gif%3Feb%3D1&v=3&w=400&s=oXt3JbVT3sTID16hdSBNFhmg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b1b55c963a99c89a6f93b7ff76ea63445e9c1c8b02e5ce70450af0d2df7fac66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1817339
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 612
expires: Tue, 11 Oct 2022 13:32:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49FE 2 KB
2 KB 14ms
13ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FG%2FlogoGEFTA-Gesellschaft-fur-Telearbeit-144662DE.gif%3Feb%3D1&v=3&w=400&s=e9EpEGeBF9Mc9qk1rls0U2-z&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

500d3279302f66fc7a11529941e7d156e45f9b20a70ac0134fbe7fd85caa20a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1134313
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1794
expires: Mon, 03 Oct 2022 15:48:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49FE 400 B
657 B 20ms
20ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDB_Mobility_Logistics_AG_60544DE.gif%3Feb%3D1&v=3&w=400&s=qejL_9Irgvb-0KwTC4SpoEgt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

42c9e4f9d8c14ea0ecac49e147f029a6bb58b69e544bd63667e5b0e64169f631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:02 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 400
expires: Tue, 20 Sep 2022 12:43:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49FE 2 KB
3 KB 20ms
19ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoWasserverband-Treene-172534DE-2203240946.gif%3Feb%3D1&v=3&w=400&s=fZbud2xewBgC9OvACG2WgKqG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

073ab0c70cecc35699ebec8604c9bfd1452641831e4c673ef98311859c748d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:01 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=452117
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2508
expires: Sun, 25 Sep 2022 18:18:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49FE 1 KB
1 KB 19ms
19ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZEISS-3427DE.gif%3Feb%3D1&v=3&w=400&s=57jpJpXqQqO6aPmte_wy5ihf&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a6c11502463f3445d37d3184cef1016bb3c77dbc12b88636788632bfe5e87b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:02 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1984577
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1244
expires: Thu, 13 Oct 2022 11:59:19 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 49FE 0
127 B 13ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=h8jRd7BJsU4rBnsxr8iJJQbaEJky989csiPpJgcbWzjuy7snAZJy7Pg8WHUTcD73eFAWzkAytVqJcL_B-QqpTnBn-049PShZU1y4wgnpDXUOxd0yHIu93uKOuYb9dc8J1Koo7VLBjdwcp-Z1CPs9d9VJtGVNgA0mmeFSsOK22jMFq6w9nrv3WS7vrtXm-wDDcQz-d12Om2-Rou2Bvh4I7rzejVRoPw2n88iGX72oQys-Oq7P6kc4ACMq1u0&sds=2&rev=82759&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 20 Sep 2022 12:43:01 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 49FE 2 KB
1 KB 38ms
37ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:02 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Sep 2023 12:43:02 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 49FE 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:02 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Sep 2023 12:43:02 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7559232315826932986/ Frame 7967 5 KB
2 KB 14ms
14ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7559232315826932986/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ad54fbb2ed6cb69b67b9d2ad0e72b1b3a064710aeace36672dd01eebe09ddd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 357395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2106
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 09:26:27 GMT
expires: Sat, 16 Sep 2023 09:26:27 GMT
last-modified: Thu, 08 Sep 2022 10:59:39 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 28CC 0
27 B 91ms
61ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVz6aQKUBzT1re0F38ug5823gT_fYJeDEDrpa9bF4EUpTbS7LfeYai4-lZeHypBNABZEzCkbJpvgK9fWgZM9H5RHA7kLhL6HV7dzQo59hvDCY8eMFsFpTgpTUsSpLkxzZSowF-6d6HI3a8bl3dv9_1FKYncoJ0qYi4M1wYdOzY3wwagaA62sJ4y4FLPLO7BVGXF57P7snuwOkwS70UMSR2P_tF5-j_WQstiHsIxQIbPVSGll6tUTjt4RdlB-dzlhV2bQX5SN4briRCGfy6PhV3GNmJdzZ7XEuKdHsHqw-6COsWwmvFdyyD0lGW1PpgENqsfsP_X3UM3KYwfnpJmDzZ5T-vjozxnPvUSoHgsnOXkJYsANbuRcOpfxXIViUsf_pwBZxj2gqq73CeDj-uOF44gAgAcgILyO_c11k0A_0PwrRDRDrFxe5vk-CKGEc9z-aGCCM_8oqEBY3upcGAUBw9Hh2wKfwVDV7V-Cf3ES2ELpriATr_6lThJaFg7X02LqqcW7gXoeG41BOFqymL2dmiE0xtX35jEkbRYPaGDtbtYOFCmmf6R5H5f-ktO6Mtpt-1B2MV4DdTVyTBFTVpHpkgW6H5pcs4TQvbayuZ2zAVDA0E_BFb6OJNyrauqVbBjdRwWrg-MLX29BYJMLfHZKL3ouG-Q5vAXwcunDg5_J5QOI802CsxN-JRtdydd_HBC_ON2mL1fQwxsOpVW1KgnpbMOvwr4yGwby_a4YJkAq3Ow1VCnwho1UQIfGHtq6XUJbl2AViq9nAXP3ZBcXIJ_miKngz6wgBZcOWMFP12P-yuvORungJ1oWo79X55HtM74gR6INLudEvVGKGJyBXONARcZjky2R_vZbhgB_uf8ZUzHlTZAXaLzrl8WFmegyC7yAH_z66-N6VN1kFhHoW8u-m1Dqk18Dzl79iSOw-VkjgaEdDMZny9oPDb-wLjVS_QH7wzQmRGeMHV9Lob0YQjRShwF_kgv-mqgCsaeot7iLmApaFQqYrGVz_ppur4K47EZ1kvt7zYnHy0yGs5DW4AOaFGsxml6qeNGfnwHe37kwBohCg0KsfgC_EA_1YBqWWT7k3kbOFbzfeJWkCa95-_C1GTLodKEWDnOtSAQY_mBw27KBaskBqJ6MkvvoSGQFK8VI7zNf6fxakwCEy8WhcY-IVbZox0bfIKO3KiZin6TTFjmJ3RcjRxYA&sai=AMfl-YQDJFY15MJpBPtngmDVt5rLQaYY12nKpQ1FaFoP9hWicbhjHrwPdOSzw6urvrX93ENYiTOZGvKZhh1kc1IEx_sWlUedHbtWAWDuHp4f-HD7cydBKvSrWs4NpZTtkvby8EnhwqGaRc_jzWhJaNycWZVLyFXb_QtMuuGKjQZbIl86_YxgnBpfJNWiQXb8uxxqAFYcc1_EInnijZWKDSqA_tsJ_BU&sig=Cg0ArKJSzGsynoaVTF7wEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=420&cbvp=1&cstd=405&cisv=r20220915.39971&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 20 Sep 2022 12:43:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 28CC
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1171009/65650039/4.js?ias_dspID=3&ias_campId=1008929676&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=18252516133&bidurl=https://www.walla.co.il/...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

20ms
13ms

Script
application/javascript

2600:9000:2190:8200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:2190:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 14:19:14 GMT
content-encoding: gzip
age: 339829
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Fri, 16 Sep 2022 14:19:08 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
x-amz-version-id: F9SFrZ64oEGbgZWabg99TABbvOn4m_yP
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: mYbBMxYpcUGCjFHnAlMfKBlYB27f4XAyWzHXF34tk10h4U7h7yVhXw==

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 98FE 80 KB
21 KB 66ms
19ms Script
application/javascript 2600:9000:2190:8200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 09:09:25 GMT
content-encoding: gzip
age: 5715218
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: cBiDYRhZ_B0MYAnolgmCY07WlCAHvxVhiBPwtYkn9NdbvRvP6zlO2Q==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 993F 42 B
64 B 90ms
54ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHOY1e7599ud5337IRIp5jW0xIxCDuTviXICwwb1znVcmm58EfMwwGwt4vAMkQuZ4Y6O8hy6LiknhJuAlHT0gQFpCn&sig=Cg0ArKJSzJJK9bVy4WbSEAE&cid=CAASF-RoB-Y50JW6H1xbqrOGxyBwiGlCbtng&id=lidar2&mcvt=1154&p=1035,199,1235,499&mtos=0,1154,1154,1154,1154&tos=0,1154,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=0.82&if=1&vu=1&app=0&itpl=20&adk=2822717126&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663677780779&rpt=326&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7801 42 B
64 B 87ms
54ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvphBH930_DsV7pQbf7NZhKZ4wUXDDZHcvHURpr5Z-S8UPnfcGGIeh1PaYWHySLU4ZxBcxZAJkTUVLwU_9RQmKmhk&sig=Cg0ArKJSzFd4q-lvWkKKEAE&cid=CAASF-RoC037ETloS1lvJlA5r7sFxsBie7wt&id=lidar2&mcvt=1157&p=20,315,270,1285&mtos=1157,1157,1157,1157,1157&tos=1157,0,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=885339185&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663677780771&rpt=305&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame ACE4 118 KB
40 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4k5F7HlOqC&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4k5F7HlOqC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77023
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 15:19:19 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame F1D2 118 KB
40 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=Mh0o89bu2S&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=Mh0o89bu2S&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:19:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77023
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 15:19:19 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 28CC 43 B
215 B 334ms
99ms Image
image/gif 2600:1f18:1aca:4281:10e8:8b26:ece0:cc82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1171009&asId=cf5c56e4-e301-5005-e583-b3d2705c8f55&tv=%7Bc:oL3NQ8,pingTime:-3,time:112,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:31%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:112,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B104~0%5D,as:%5B104~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thYGqAs+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h%7C1i*.1171009-65650039%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1k1%7C1k2%7C1k3%7C1l1%7C1l2%7C1l3%7C1m%7C1n%7C1o,idMap:1i*,rmeas:1,rend:0,renddet:DIV,siq:32%7D&br=c
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:10e8:8b26:ece0:cc82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 28CC 43 B
216 B 327ms
96ms Image
image/gif 2600:1f18:1aca:4281:10e8:8b26:ece0:cc82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1171009&asId=cf5c56e4-e301-5005-e583-b3d2705c8f55&tv=%7Bc:oL3NQ9,pingTime:-6,time:113,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B105~0%5D,as:%5B105~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thYGqAs+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h%7C1i*.1171009-65650039%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1k1%7C1k2%7C1k3%7C1l1%7C1l2%7C1l3%7C1m%7C1n%7C1o,idMap:1i*,rmeas:1,rend:0,renddet:DIV,siq:32%7D&tpiLookup=ao:www.walla.co.il*&br=c
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:10e8:8b26:ece0:cc82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AF48 22 KB
8 KB 22ms
16ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 07:32:47 GMT
expires: Wed, 20 Sep 2023 07:32:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7967 236 KB
63 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7559232315826932986/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7559232315826932986/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 12:43:02 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/7559232315826932986/ Frame 7967 226 KB
51 KB 15ms
14ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7559232315826932986/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7559232315826932986/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331bde9181cedf86e0ed7301b734a77b9e89548c03950b84ca55b1ebf8cd64ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7559232315826932986/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 09:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357395
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52144
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 10:59:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Sep 2023 09:26:27 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D7CA 22 KB
8 KB 16ms
16ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 07:32:47 GMT
expires: Wed, 20 Sep 2023 07:32:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 082C 22 KB
8 KB 26ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 07:32:47 GMT
expires: Wed, 20 Sep 2023 07:32:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 28CC 43 B
215 B 293ms
98ms Image
image/gif 2600:1f18:1aca:4281:10e8:8b26:ece0:cc82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1171009&asId=cf5c56e4-e301-5005-e583-b3d2705c8f55&tv=%7Bc:oL3NQN,pingTime:-2,time:153,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1095,beZ:1097,mfA:1099,cmA:1101,inA:1101,inZ:1106,prA:1106,prZ:1120,si:1127,poA:1128,poZ:1153,cmZ:1153,mfZ:1153,loA:1208,loZ:1212,ltA:1248,ltZ:1248%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:31%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:153,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B145~0%5D,as:%5B145~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:thYGqAs+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h%7C1i*.1171009-65650039%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1k1%7C1k2%7C1k3%7C1l1%7C1l2%7C1l3%7C1m%7C1n%7C1o,idMap:1i*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:32,sinceFw:119,readyFired:true%7D&br=c
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:10e8:8b26:ece0:cc82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame B443 0
103 B 16ms
13ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELAsrAdGXv6hB5_T59_YWiI&google_cver=1&google_push=AZmPxg99HhCGcbMM2ba4IgU9dM2cr9zfS9DOwgQnBRaa60cUjxvxa_kzYNMSsEFLzVut6PVpGVvaQUILhaWU2BiD5VYEY9GeY6Ul
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B443
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPgEbLYHE1SOq0rzP9gO7AQ&google_cver=1&google_push=AZmPxg82893J6uDJtlyDjCuSTBO8IhGTsxHgotO0-iAOxBy28IpayEfD62OSR-yKltR6G2t-yx6w8D0DdX_tnkilw5X0O9r...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg82893J6uDJtlyDjCuSTBO8IhGTsxHgotO0-iAOxBy28IpayEfD62OSR-yKltR6G2t-yx6w8D0DdX_tnkilw5X0O9rIrdiX&google_hm=MjE1MTE2MTM2ODc0Mzk5NzE1

170 B
188 B

26ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg82893J6uDJtlyDjCuSTBO8IhGTsxHgotO0-iAOxBy28IpayEfD62OSR-yKltR6G2t-yx6w8D0DdX_tnkilw5X0O9rIrdiX&google_hm=MjE1MTE2MTM2ODc0Mzk5NzE1

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Sep 2022 12:43:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg82893J6uDJtlyDjCuSTBO8IhGTsxHgotO0-iAOxBy28IpayEfD62OSR-yKltR6G2t-yx6w8D0DdX_tnkilw5X0O9rIrdiX&google_hm=MjE1MTE2MTM2ODc0Mzk5NzE1
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B443
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENp1TqVNhYyUZ5Ae-LTcS_M&google_cver=1&google_push=AZmPxg_f5q52iXqAlzMDavcTKscKasAz6zM1W6fGo2pu7GXNhk6AvBGICL7O4h1eC1PefQMLETJEakdj...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENp1TqVNhYyUZ5Ae-LTcS_M&google_cver=1&google_push=AZmPxg_f5q52iXqAlzMDavcTKscKasAz6zM1W6fGo2pu7GXNhk6AvBGICL7O4h1eC1PefQMLETJ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYyNDMxNzIxNzczMTgwMzk5MQ&google_push=AZmPxg_f5q52iXqAlzMDavcTKscKasAz6zM1W6fGo2pu7GXNhk6AvBGICL7O4h1eC1PefQMLETJEak...

170 B
188 B

26ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYyNDMxNzIxNzczMTgwMzk5MQ&google_push=AZmPxg_f5q52iXqAlzMDavcTKscKasAz6zM1W6fGo2pu7GXNhk6AvBGICL7O4h1eC1PefQMLETJEakdjPDcgz81s3F-LdJk-uvo

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYyNDMxNzIxNzczMTgwMzk5MQ&google_push=AZmPxg_f5q52iXqAlzMDavcTKscKasAz6zM1W6fGo2pu7GXNhk6AvBGICL7O4h1eC1PefQMLETJEakdjPDcgz81s3F-LdJk-uvo
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B443 0
41 B 21ms
19ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDQimZlKd81tFnh0aR8ZveQ&google_cver=1&google_push=AZmPxg-GT4DRXd3wMgn42Fg04p1AKN4K1lXePTRSTNfJVnvpZiSylKUO8QfW3_G3NRp1haDbYR0mxt2NO5f3Cte46AQrpjnvRX7w
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B443
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEAU0ugoTlMQOAttTUHIU6MU&google_cver=1&google_push=AZmPxg_4NPV0RiPihXEwuuLP2lzB4PAHbqOft_8wn69NfbTBGDFmlWqO9abjVxZNLf_5KEYFIBzB8r6TIM8g5kAAagkmB5...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ygwkyExkT3yLYCxHapnucA&google_push=AZmPxg_4NPV0RiPihXEwuuLP2lzB4PAHbqOft_8wn69NfbTBGDFmlWqO9abjVxZNLf_5KEYFIBzB8r6TIM8g5kA...

170 B
188 B

27ms
27ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ygwkyExkT3yLYCxHapnucA&google_push=AZmPxg_4NPV0RiPihXEwuuLP2lzB4PAHbqOft_8wn69NfbTBGDFmlWqO9abjVxZNLf_5KEYFIBzB8r6TIM8g5kAAagkmB5VBF3Qj

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ygwkyExkT3yLYCxHapnucA&google_push=AZmPxg_4NPV0RiPihXEwuuLP2lzB4PAHbqOft_8wn69NfbTBGDFmlWqO9abjVxZNLf_5KEYFIBzB8r6TIM8g5kAAagkmB5VBF3Qj
date: Tue, 20 Sep 2022 12:43:02 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B443
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
https://sync.targeting.unrulymedia.com/csync/RX-4626b40a-488b-485d-9cd5-c06ab77d095c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg_y6cQBKB6VOrNsVRksS...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_y6cQBKB6VOrNsVRksSfz5nqu99TV3YkH2nTtAY4loZprrOFNtLO8fC71hKbMICAFgVTrNg9lc18cu2bA2G4z_1pGEBzw&google_hm=A0YmtApIi0hdnNXAard9CVw

170 B
188 B

24ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_y6cQBKB6VOrNsVRksSfz5nqu99TV3YkH2nTtAY4loZprrOFNtLO8fC71hKbMICAFgVTrNg9lc18cu2bA2G4z_1pGEBzw&google_hm=A0YmtApIi0hdnNXAard9CVw

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_y6cQBKB6VOrNsVRksSfz5nqu99TV3YkH2nTtAY4loZprrOFNtLO8fC71hKbMICAFgVTrNg9lc18cu2bA2G4z_1pGEBzw&google_hm=A0YmtApIi0hdnNXAard9CVw
date: Tue, 20 Sep 2022 12:43:02 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX4626b40a488b485d9cd5c06ab77d095c003
content-type: text/html

GET
H2

200

/
onetag-sys.com/match/ Frame B443
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPt-ahUxnzb7zK6XLpbUgFQ&google_cver=1&google_push=AZmPxg8AGLMGJ2W9bz7k4M_7ThgGAIkElBU4WBnLXV4YUqmWF1g28JfZNUIcFb-c_OIvKYUSgTdEAVTkgWg...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8AGLMGJ2W9bz7k4M_7ThgGAIkElBU4WBnLXV4YUqmWF1g28JfZNUIcFb-c_OIvKYUSgTdEAVTkgWg-t1qM44PAYH1efDY65A
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

18ms
17ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B443 0
12 B 24ms
23ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J876M5hwxa5LY_tedA8H3ZToAFzd1K4moZYwIEwhlIX6Ba_IRuqL8lZpEtpUnVNM0CX4Dyjw

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0EDC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFVR3JfqG-IC0vJF5wQicBo&google_cver=1&google_push=AZmPxg8015nrEY9sTQ9UWyNj5pGOdYGdzd962VTFAG2STj-fMoekD6auM1s5OhR5opfbcTZmcS0WhUvGUrrizDhf...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=EFpjKbVWQgCsHrwep4Kd4A&google_push=AZmPxg8015nrEY9sTQ9UWyNj5pGOdYGdzd962VTFAG2STj-fMoekD6auM1s5OhR5opfbcTZmcS0WhUvGUrrizDhfYXmPaEsctiw

170 B
188 B

33ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=EFpjKbVWQgCsHrwep4Kd4A&google_push=AZmPxg8015nrEY9sTQ9UWyNj5pGOdYGdzd962VTFAG2STj-fMoekD6auM1s5OhR5opfbcTZmcS0WhUvGUrrizDhfYXmPaEsctiw

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 20 Sep 2022 12:43:02 GMT
Server: MT3 4505 5b23575 master hkg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=EFpjKbVWQgCsHrwep4Kd4A&google_push=AZmPxg8015nrEY9sTQ9UWyNj5pGOdYGdzd962VTFAG2STj-fMoekD6auM1s5OhR5opfbcTZmcS0WhUvGUrrizDhfYXmPaEsctiw
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 20 Sep 2022 12:43:01 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame 0EDC 43 B
650 B 198ms
183ms Image
image/gif 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEIwg_jNVTm8sPiiXqiMOlWw&google_cver=1&google_push=AZmPxg8cL_kJCHkJLElq51xaltrMM0W4Xo8Nc-FQ2INo3-b-alqwXWQZEBa1TzARej2ti9VvWK2LLYYD-hLEUvD527cRLxt2hys&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8cL_kJCHkJLElq51xaltrMM0W4Xo8Nc-FQ2INo3-b-alqwXWQZEBa1TzARej2ti9VvWK2LLYYD-hLEUvD527cRLxt2hys%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
cf-ray: 74daa4fc1e6abbaf-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 503 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 0EDC 0
83 B 15ms
7ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHAyKdZ2oIxPHZ33HeukrI0&google_cver=1&google_push=AZmPxg_dG5DLcHMQiP2SywAbpB1AEaGyU95St_FLeq2_EVsmzKV-NrvUdinR_Z56C1DKsrsWhhHLAn20YX69D2s2SJa08R5KDdc
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663677782.406868,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19163-FRA

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 0EDC 70 B
264 B 41ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEK_qtQOCzqDxBFPxtZjFrKQ&google_cver=1&google_push=AZmPxg81X2kp4VKq1oBAgZQi99-NLcESNSSse1XSm6cuOlU-ZVq2H4i0BPZz7cQyok0P6DCv3cDsrNGhSPuF6Gd6OOfvGpMRVVE
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0EDC
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPgEbLYHE1SOq0rzP9gO7AQ&google_cver=1&google_push=AZmPxg-JPycodZCfc4WCxupgpj_BW1uZBUZt-_Nte_JOBl34NlCTHLeP2caBpoUPwviXe5J7JBL5i7nrrym5fM6lFx5uUnu...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-JPycodZCfc4WCxupgpj_BW1uZBUZt-_Nte_JOBl34NlCTHLeP2caBpoUPwviXe5J7JBL5i7nrrym5fM6lFx5uUnu8nU0&google_hm=MjE1MTE2MTM2ODc0Mzk5NzE1

170 B
188 B

25ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-JPycodZCfc4WCxupgpj_BW1uZBUZt-_Nte_JOBl34NlCTHLeP2caBpoUPwviXe5J7JBL5i7nrrym5fM6lFx5uUnu8nU0&google_hm=MjE1MTE2MTM2ODc0Mzk5NzE1

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Sep 2022 12:43:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-JPycodZCfc4WCxupgpj_BW1uZBUZt-_Nte_JOBl34NlCTHLeP2caBpoUPwviXe5J7JBL5i7nrrym5fM6lFx5uUnu8nU0&google_hm=MjE1MTE2MTM2ODc0Mzk5NzE1
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0EDC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFfwMySZqm-WIoUnpcb-Ssc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFfwMySZqm-WIoUnpcb-Ssc&google_hm=Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB&google_nid=index&google_push=AZmPxg-UXziYKSDhhOr33CJid8vzndbGirY2i...

170 B
188 B

28ms
27ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFfwMySZqm-WIoUnpcb-Ssc&google_hm=Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB&google_nid=index&google_push=AZmPxg-UXziYKSDhhOr33CJid8vzndbGirY2i2cefJ7jXgUKw7w2qyWdBgfn7e0VGHilx7EmHAQGUbUm5gkdXWxTEvLW4Z3fLw

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJFoxR0criu%2BC8cC7jMBVKU%2FMmqkenE%2BrXeWbjGLbpbzx8swRygGsVECuH3hKEs8BWfBVFoc42HoPs7g%2BA7hTvNdAN1%2FwwuIXJHXsV4d9HMEF1CEaeHIGWnS4mr7%2Bimm4HX96LsZKJDfkw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFfwMySZqm-WIoUnpcb-Ssc&google_hm=Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB&google_nid=index&google_push=AZmPxg-UXziYKSDhhOr33CJid8vzndbGirY2i2cefJ7jXgUKw7w2qyWdBgfn7e0VGHilx7EmHAQGUbUm5gkdXWxTEvLW4Z3fLw
cache-control: no-cache
cf-ray: 74daa4fc090a9bd6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 0EDC 0
75 B 24ms
18ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELWKYrb0Nmlg3B4DNOCSwOU&google_cver=1&google_push=AZmPxg9O9DbWH0sl2sSMVF8khwY0bdxluraZZQwUiTbL2gvihnS8axyHl8klRh0KZufNa5QEQc8Rww6M9y3b3GNikFDJkT4xVtk
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:02 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0EDC 0
12 B 31ms
25ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KsKdQj_hrdKKIAZUQROOS_7v4KV91WkC6f2gQr6IYC9nQ866J9dZ_DDQ6txvhRufaljzVE

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8194
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEI4zHIIHQ7xSCV1AuRh0Ig&google_cver=1&google_push=AZmPxg-KLjMQAN5zkrLdyx7FWchwM66xFLHhv6GceasOKyd0z1lKoTVX4TkBHHVeKky9T0BjkmFfDLUZXNqQculZOMjx0lWpPDux
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY4NzY4ODU4MDcxNjc0MjMzNg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEI4zHIIHQ7xSCV1AuRh0Ig&google_cver=1

43 B
398 B

38ms
15ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEI4zHIIHQ7xSCV1AuRh0Ig&google_cver=1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEI4zHIIHQ7xSCV1AuRh0Ig&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 503 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 8194 0
59 B 9ms
6ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHAyKdZ2oIxPHZ33HeukrI0&google_cver=1&google_push=AZmPxg-WpuWJRxUlcpxRF7caWzka2YBzouWaS6eADa4OC0aWXw-UaYYrO6tn8FvW8ncIdwfvf-27iqC4AFt6l6naqKlzpkMeaGa6
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663677782.424649,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19163-FRA

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8194
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKctdFDIOco2K4n5TOftVmQ&google_cver=1&google_push=AZmPxg_7M_mTt_NZqDz_FY62UjcOs0RqQ86f5WVgfVqZVRNL62Wuvx0g5m7Qc8GDmludUirBLkJHYo0rLIwuRO...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NTQ0MTY2MDQ4MzY2NDAyNQ%3D%3D&google_push=AZmPxg_7M_mTt_NZqDz_FY62UjcOs0RqQ86f5WVgfVqZVRNL62Wuvx0g5m7Qc8GDmludUirBLkJHYo0rLIwuROL7fs...

170 B
188 B

31ms
29ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NTQ0MTY2MDQ4MzY2NDAyNQ%3D%3D&google_push=AZmPxg_7M_mTt_NZqDz_FY62UjcOs0RqQ86f5WVgfVqZVRNL62Wuvx0g5m7Qc8GDmludUirBLkJHYo0rLIwuROL7fswl71Eqqof1

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0NTQ0MTY2MDQ4MzY2NDAyNQ%3D%3D&google_push=AZmPxg_7M_mTt_NZqDz_FY62UjcOs0RqQ86f5WVgfVqZVRNL62Wuvx0g5m7Qc8GDmludUirBLkJHYo0rLIwuROL7fswl71Eqqof1
Date: Tue, 20 Sep 2022 12:43:02 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8194
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPgEbLYHE1SOq0rzP9gO7AQ&google_cver=1&google_push=AZmPxg9pQNrFrzFBW1vE0s5tbFiVoK0hKVoj0GOT9vzgS_e92raCz28PMsqed-fnqNrxRIdHJJhgEdLBKuxHgEwTvbtaHYR...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9pQNrFrzFBW1vE0s5tbFiVoK0hKVoj0GOT9vzgS_e92raCz28PMsqed-fnqNrxRIdHJJhgEdLBKuxHgEwTvbtaHYRpbuPI&google_hm=MjE1MTE2MTM2ODc0Mzk5NzE1

170 B
188 B

24ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9pQNrFrzFBW1vE0s5tbFiVoK0hKVoj0GOT9vzgS_e92raCz28PMsqed-fnqNrxRIdHJJhgEdLBKuxHgEwTvbtaHYRpbuPI&google_hm=MjE1MTE2MTM2ODc0Mzk5NzE1

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Sep 2022 12:43:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9pQNrFrzFBW1vE0s5tbFiVoK0hKVoj0GOT9vzgS_e92raCz28PMsqed-fnqNrxRIdHJJhgEdLBKuxHgEwTvbtaHYRpbuPI&google_hm=MjE1MTE2MTM2ODc0Mzk5NzE1
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 8194 0
41 B 15ms
12ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDQimZlKd81tFnh0aR8ZveQ&google_cver=1&google_push=AZmPxg-FtK01nB-gNlMSi81vUWC9-XJrMps9ef-rtL-CIP9dpqVX3ACSO7fUN3RUFz9PCCjEwzex2ZaUwM1cno9b4CLLzYbqXA40
Requested by: Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8194
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPt-ahUxnzb7zK6XLpbUgFQ&google_cver=1&google_push=AZmPxg-rLAQvqgVS08-Vt-ON1T-GpHaSOMD61DcKFmK-ToLYWHVy4QTI7IPXi_pI3imNI7dJWG7DZ4A47wj-...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-rLAQvqgVS08-Vt-ON1T-GpHaSOMD61DcKFmK-ToLYWHVy4QTI7IPXi_pI3imNI7dJWG7DZ4A47wj-uDDFEtbKM6xDF5Ev

170 B
188 B

26ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-rLAQvqgVS08-Vt-ON1T-GpHaSOMD61DcKFmK-ToLYWHVy4QTI7IPXi_pI3imNI7dJWG7DZ4A47wj-uDDFEtbKM6xDF5Ev

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-rLAQvqgVS08-Vt-ON1T-GpHaSOMD61DcKFmK-ToLYWHVy4QTI7IPXi_pI3imNI7dJWG7DZ4A47wj-uDDFEtbKM6xDF5Ev
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 8194
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPt-ahUxnzb7zK6XLpbUgFQ&google_cver=1&google_push=AZmPxg-TVaqR5G7Xbye1NPJdha0dcUm1x1uTkl2Zk91YK31Roz7l6rN_XsfQB754VHGPUGnPWDf3g5Ss2Fz...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-TVaqR5G7Xbye1NPJdha0dcUm1x1uTkl2Zk91YK31Roz7l6rN_XsfQB754VHGPUGnPWDf3g5Ss2FzVPc8swMY1td323UwC
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

17ms
16ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8194 0
12 B 23ms
22ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ksqw_XO6Cu1C3IpyzPI_xVgN3vnefb5DLBd0Lj8Z29lnxXM6j0kNL5QBC_lXpceZe7v7NdBw

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 btn_cta_arrow.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame ACE4 363 B
294 B 21ms
20ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/btn_cta_arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4k5F7HlOqC&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4k5F7HlOqC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 21:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228026
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 265
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Sep 2023 21:22:36 GMT

GET
H3 200 kia.woff
s0.2mdn.net/sadbundle/7024728442041512453/ Frame ACE4 23 KB
23 KB 20ms
19ms Font
font/woff 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/kia.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4k5F7HlOqC&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4k5F7HlOqC&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:02:55 GMT
x-content-type-options: nosniff
age: 60007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23072
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 20:02:55 GMT

GET
H3 200 btn_cta_arrow.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame F1D2 363 B
294 B 13ms
13ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/btn_cta_arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=Mh0o89bu2S&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=Mh0o89bu2S&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 21:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228026
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 265
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Sep 2023 21:22:36 GMT

GET
H3 200 kia.woff
s0.2mdn.net/sadbundle/7024728442041512453/ Frame F1D2 23 KB
23 KB 14ms
13ms Font
font/woff 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/kia.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=Mh0o89bu2S&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=Mh0o89bu2S&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:02:55 GMT
x-content-type-options: nosniff
age: 60007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23072
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 20:02:55 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D609 0
26 B 54ms
53ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4v8P_FrH9h4ycornmGYxYixRK5nqpOEngVOaZIbajYCT5F4qo2ptLPQbmS4TQWw3nejr8787DPtl9fM6HjatzEa9bVfnNS67S-mjLbQavpeje4qXOmW1im6jSJOKsjAJJMCgC0iVqxvkEMzCUIT3WIIzWX6star6xpRRQH4iqB3AZSmKoc7AJq091oNN1JS0MwQ8JC_accswDHedcXYw7oM2cyppC4FtL_MFY9xxKOhxBSLYU_fnA2Z9DF804LnVZ_x9ZtXQaonZ-ntRKFKtYFUWtR4IcKcAy1zCjod80Z0mOHkdNMlLbMrTW1ccv_3Ykj5RY0p2eHUbs-8I-pUxE3P4ZwNGKfLJBC3kd-a1tHzTNO2yNsvuqlEeaVPCKaQH4e-pupq-pIpTRu2S5Ke5iFv29tP--po1fi1x7azCCvsJqTNP5gzadTZWKXBPmt3VYc6DCG1xSk0152hiIrrZ2zx3kiL3IMhHTeRCfgt49UjSMuZgM_HQ6CY2UFEv0R8rOEIpQrwK1Necb4VUelr7Tf7HvLEZ_oPhQQF7_0TcxRvRa5QcqioaFl0ifSpIFLj45oJCJDRks8z_ouCrpTq5_t5H2vypfpIi7v6xcoXGH726n_WG4zJKP1Scl-xbpX5c8p6FdA0wBPdeBZ9mwgZOdmrTv7mTzjVX_bV0DsX0XQWxQ1KLm9WdKqM0VGLTOs5NpsxtilTR-iamapkck6pfjwHoDziW5oC5ljOw15U90vfa8G7Up1bfRtBj7_xTxRBndQr0hBTLfZRYrL3_Y4dxvvjkQIy-jQiU9oPKcRQLrvfuJ_wgz9wR4Q3rFOYY1Da2JoOz4GREYrfGZIj1KamsOFmAWRR61uxzK2Hl4kfng7sxoihxbkSRTijtUgWDpJ0vNacWpJXZ4EqoFXBhdds7xBYv2Xy_RMRdmixTkPWeo4ViWRLTHVeCxrYnUNpikFDteU-TjCTKVj7F4rgNAP7d1uCBbTgJGmyPNH49QvdCifd-958UVsTSl9VnE0v21MrLbTNrBT_bPAbB-52uKRKFGDAK7jaJDDUciW9mZXHcgwfTsFaS6xobMTbvXZQ3ekpYHZXDgCJ5mFDVRq0TM4_nzeezt4YJNYX76UHl-z_XrGb-FUyfd1aosCfysE6aZOV_mrWvrSKb-NL3ZgwO771wjWbebYOdxbDQTRmIrt-eTDfp4MobRuSFjK0sTlcvg0uEepyhNG8-4zCzZMKu2ODBtRETCVw&sai=AMfl-YTJOvj4FmGEGFrOHTGJND60RN97rdL5NADPWBIrpwAswewLNfFpla1eC6cw0pxFEMWJAvW75d8ccpMBLj3bb86NDzFZYAYVLYb-sjKYY_P8Ku2vSC3u3_feDs5Ix3xwmvfSEkkwxo6BxifH2W7WJ-c7s3pgf0bjAhDfobd1X-gpBfmI3beq2-64hvINQofUvEraKzckunemCTN3nAlhJj2Aimc&sig=Cg0ArKJSzBtNVvdTEXhlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=794&vt=11&dtpt=572&dett=3&cstd=214&cisv=r20220915.69326&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Sep 2022 12:43:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index_atlas_P_.png
s0.2mdn.net/sadbundle/7559232315826932986/images/ Frame 7967 19 KB
19 KB 14ms
14ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7559232315826932986/images/index_atlas_P_.png

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ed7686d106414f0322521fed051713efa78fe5a7fceb6108c567294a307b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7559232315826932986/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 09:26:27 GMT
x-content-type-options: nosniff
age: 357395
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19004
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 10:59:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Sep 2023 09:26:27 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 28CC 0
26 B 53ms
53ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVz6aQKUBzT1re0F38ug5823gT_fYJeDEDrpa9bF4EUpTbS7LfeYai4-lZeHypBNABZEzCkbJpvgK9fWgZM9H5RHA7kLhL6HV7dzQo59hvDCY8eMFsFpTgpTUsSpLkxzZSowF-6d6HI3a8bl3dv9_1FKYncoJ0qYi4M1wYdOzY3wwagaA62sJ4y4FLPLO7BVGXF57P7snuwOkwS70UMSR2P_tF5-j_WQstiHsIxQIbPVSGll6tUTjt4RdlB-dzlhV2bQX5SN4briRCGfy6PhV3GNmJdzZ7XEuKdHsHqw-6COsWwmvFdyyD0lGW1PpgENqsfsP_X3UM3KYwfnpJmDzZ5T-vjozxnPvUSoHgsnOXkJYsANbuRcOpfxXIViUsf_pwBZxj2gqq73CeDj-uOF44gAgAcgILyO_c11k0A_0PwrRDRDrFxe5vk-CKGEc9z-aGCCM_8oqEBY3upcGAUBw9Hh2wKfwVDV7V-Cf3ES2ELpriATr_6lThJaFg7X02LqqcW7gXoeG41BOFqymL2dmiE0xtX35jEkbRYPaGDtbtYOFCmmf6R5H5f-ktO6Mtpt-1B2MV4DdTVyTBFTVpHpkgW6H5pcs4TQvbayuZ2zAVDA0E_BFb6OJNyrauqVbBjdRwWrg-MLX29BYJMLfHZKL3ouG-Q5vAXwcunDg5_J5QOI802CsxN-JRtdydd_HBC_ON2mL1fQwxsOpVW1KgnpbMOvwr4yGwby_a4YJkAq3Ow1VCnwho1UQIfGHtq6XUJbl2AViq9nAXP3ZBcXIJ_miKngz6wgBZcOWMFP12P-yuvORungJ1oWo79X55HtM74gR6INLudEvVGKGJyBXONARcZjky2R_vZbhgB_uf8ZUzHlTZAXaLzrl8WFmegyC7yAH_z66-N6VN1kFhHoW8u-m1Dqk18Dzl79iSOw-VkjgaEdDMZny9oPDb-wLjVS_QH7wzQmRGeMHV9Lob0YQjRShwF_kgv-mqgCsaeot7iLmApaFQqYrGVz_ppur4K47EZ1kvt7zYnHy0yGs5DW4AOaFGsxml6qeNGfnwHe37kwBohCg0KsfgC_EA_1YBqWWT7k3kbOFbzfeJWkCa95-_C1GTLodKEWDnOtSAQY_mBw27KBaskBqJ6MkvvoSGQFK8VI7zNf6fxakwCEy8WhcY-IVbZox0bfIKO3KiZin6TTFjmJ3RcjRxYA&sai=AMfl-YQDJFY15MJpBPtngmDVt5rLQaYY12nKpQ1FaFoP9hWicbhjHrwPdOSzw6urvrX93ENYiTOZGvKZhh1kc1IEx_sWlUedHbtWAWDuHp4f-HD7cydBKvSrWs4NpZTtkvby8EnhwqGaRc_jzWhJaNycWZVLyFXb_QtMuuGKjQZbIl86_YxgnBpfJNWiQXb8uxxqAFYcc1_EInnijZWKDSqA_tsJ_BU&sig=Cg0ArKJSzGsynoaVTF7wEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=817&vt=11&dtpt=397&dett=3&cstd=405&cisv=r20220915.39971&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Sep 2022 12:43:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9450 0
26 B 53ms
53ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuAwJu2MVWvZ4EmPzHmBmsMWHrAnrqjrzJ1lAi1CzPy3e8AHEfTT6Dhp56FazeIuArEDdwgBTVdjXOlfd6fv1wsHylzzsSP_9hm7lFm3w3M5P3yfYskjniUbscqRENxm57m4m-4lz6sjZDSUfP5ia-TAGQAsdw7QZlyyM2tQzUWnQi-YvvZTgD7z5L--NeTlFWW8eFFQij6gKVXjUIXKNj0cScV3Q4e77SxgL5Bo4GQf7uAm3M40X6DOZlwPMEXfikoy9agRs10iC83FpQ7MgsFXspQ7L4sD21fgiivK7BKsDVbZmsnHoBNo69qmkMA7gFsjMppu7iOCVEle1dmfCfc_egS6aGcxK-WMwNB6HFRX3B7t74hFCJyBqt6T85uvSjy4BWBTZGbFw6mkW1I-WKOcTb1Z-dN0Aw71P0wFNGRGef1DWRnW_vi00_vsoJTf-9_79RnlCLQ7WUbY8HfNvxX_4dxw8faLPXF5qZ7p6PbpZNmtb-YpeHapbpE-WuBL25ehKgsmpE0n8QqzGSopo_P_GrQTm6jkdEl03PhFGImisfc4o0L0KTrKgU3Th0t_3HPh92ODokkUpQhQhu3obj8m7GoHINiBljMcGGPXcXI0keGekZs-siHF3ktr-yBw5yV7vYwQ735A-BjJfK4WPKyTs-i18M-XobxvGLWPIqjwwCEZSiSfNIeGclQPII1-ArV_AXylx7x5Ev5WADd3lEyMsWepY9TEImIJzoA-HcQMiqFSPNoldSKnE-I29I9_P8Wsh9cTdVn0aKFYFfUCtCnFmEKPZpkYXtlPyew80YRrO5ecgRaCfNo9_-oBYDpI548YaAXae630ABXQ0tojXF9VlB0uVD_EAAV4lfX4arbUJi_AJBenYryUlneGd0ptarL9euGkHDpK16d_u28UvtZwiOBrD5feT2btcPddxWpIEkcjDdVUOIh76uT6QzZPItJy3EKvWZnKxM6CpNK_wSi9u18VcP9G5BBfMsxvsoEZDbNjTj8QuTmlSUfhStB8CRqzw_eYkLxTcze0vkHtDawXofgpREw2XVxNOvpIDOZgJps_ZWLXp1WJYuom7tjCCUn3x6-y2n_76aYz0LCQVwmXS9KotX7y4EjueLnqjAnO3EwecQj_KkfN5dncN2bPfNZMgJVqDLtX3ZwK-NVCy1BxQvYq-1dZX7ehITHd6t_uF-FCGTzvtYSIhrnwJNQqG4zcW_sE5PtxG-IAZJAqPlQn8fNFrZa&sai=AMfl-YRTnJEKNkQYWb8oUe9A7KtpaH8XvHSGs8c4_TP-3Mrl4ja9e66smQH1mu4IXJj8XCSQDtfq1rORw78Q8QZuxNoeSB6n6NAfec5gq-qYce9hOTsJeBzbViXHGlpBah5tplyf246jVFekoMfWAckB_R07lYEmYxSqTsO_ZGfYZwW8Kpb8mW3BKJUcFsx2prG5MpQ80QuHoYl6jM2EV8YFzXFFsOY&sig=Cg0ArKJSzL93YxDKiQAiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=801&vt=11&dtpt=579&dett=3&cstd=217&cisv=r20220915.98906&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Sep 2022 12:43:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame AF48 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 09:28:25 GMT

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame D7CA 36 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 09:28:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F1D2 7 KB
6 KB 58ms
58ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3439c9d5dfc902e66f487d6483f312b73c13eae0e2322079b97c352e9afc1ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Sep 2022 12:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5758
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ACE4 7 KB
6 KB 60ms
60ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16660ee88982f03003279dae9be0eef421179246caf4f4bb6a8fd2197708f4ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Sep 2022 12:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5660
x-xss-protection: 0

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame 082C 36 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 09:28:25 GMT

GET
H3 200 index_atlas_NP_.jpg
s0.2mdn.net/sadbundle/7559232315826932986/images/ Frame 7967 78 KB
78 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7559232315826932986/images/index_atlas_NP_.jpg

Requested by

Host: 0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com
URL: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1e8e36cafe3c0d2b7f4a78a47b74a1b77093ea8bfb6faa04fde94987215e667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7559232315826932986/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 09:26:27 GMT
x-content-type-options: nosniff
age: 357395
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80126
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 10:59:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Sep 2023 09:26:27 GMT

GET
H3 200 motif.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame ACE4 451 B
342 B 29ms
24ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/motif.svg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

524c55c8d2300cce448d346b995650dc7fcd703ab0c3734c057147b5c69d3773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4k5F7HlOqC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 06:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194462
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Sep 2023 06:42:00 GMT

GET
H3 200 logo_kia.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame ACE4 1 KB
703 B 28ms
23ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/logo_kia.svg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4k5F7HlOqC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 06:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194462
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 674
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Sep 2023 06:42:00 GMT

GET
H3 200 23717839_20211026010614039_bg_01.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame ACE4 26 KB
26 KB 27ms
22ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026010614039_bg_01.jpg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d38883ec6a138cc091d45183540e342837b148f52492b110a22e2ab323be92ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4k5F7HlOqC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:44:04 GMT
x-content-type-options: nosniff
age: 82738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26565
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 08:06:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 13:44:04 GMT

GET
H3 200 23717839_20211026010617349_bg_02.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame ACE4 22 KB
22 KB 24ms
20ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026010617349_bg_02.jpg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f80ccf259cb77a45984330a4b0412bd0afe3429376dd87a61db55e0eb647ef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4k5F7HlOqC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:45:16 GMT
x-content-type-options: nosniff
age: 82666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22350
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 08:06:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 13:45:16 GMT

GET
H3 200 23717839_20211026010620926_bg_03.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame ACE4 23 KB
23 KB 21ms
17ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026010620926_bg_03.jpg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c44818c27d7051bc552bb00601257280ea1a0bd10b16a7996e56a5b6bf0b4d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4k5F7HlOqC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:45:16 GMT
x-content-type-options: nosniff
age: 82666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23348
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 08:06:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 13:45:16 GMT

GET
H3 200 23717839_20211026010610415_bg_04.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame ACE4 20 KB
20 KB 23ms
19ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211026010610415_bg_04.jpg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7c8860556f00aa2a642ee1fd53d5e817df8a189e93f6b3fe66f3481b5a82cff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=4k5F7HlOqC&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:45:16 GMT
x-content-type-options: nosniff
age: 82666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20757
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 08:06:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 13:45:16 GMT

GET
H3 200 motif.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame F1D2 451 B
342 B 28ms
25ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/motif.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=Mh0o89bu2S&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

524c55c8d2300cce448d346b995650dc7fcd703ab0c3734c057147b5c69d3773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=Mh0o89bu2S&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 06:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194462
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Sep 2023 06:42:00 GMT

GET
H3 200 logo_kia.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame F1D2 1 KB
703 B 27ms
25ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7024728442041512453/logo_kia.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=Mh0o89bu2S&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=Mh0o89bu2S&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 06:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194462
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 674
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 10:58:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 18 Sep 2023 06:42:00 GMT

GET
H3 200 23717839_20220120063955117_bg_01.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame F1D2 14 KB
14 KB 29ms
26ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220120063955117_bg_01.jpg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e9a0058f74fed8eebe7be41e119de0a17cff86be74f63f438731b1f3e11bab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=Mh0o89bu2S&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:49:47 GMT
x-content-type-options: nosniff
age: 82395
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14582
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 14:39:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 13:49:47 GMT

GET
H3 200 23717839_20220120063958473_bg_02.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame F1D2 25 KB
25 KB 30ms
28ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220120063958473_bg_02.jpg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f5dad11bc1eaef854848901913d4b452c3c6ad1844df5a9d7578ed0e9ce887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=Mh0o89bu2S&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:49:52 GMT
x-content-type-options: nosniff
age: 82390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25611
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 14:39:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 13:49:52 GMT

GET
H3 200 23717839_20220120064001356_bg_03.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame F1D2 24 KB
24 KB 27ms
25ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220120064001356_bg_03.jpg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df0b62593763a1faa65202d76c4dad0774189bc742452b7895ebda8534da0b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=Mh0o89bu2S&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:19:24 GMT
x-content-type-options: nosniff
age: 73418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24095
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 14:40:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 16:19:24 GMT

GET
H3 200 23717839_20220120064004362_bg_04.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame F1D2 16 KB
16 KB 29ms
27ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20220120064004362_bg_04.jpg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

815061e2fd0ba411deebcd25e999158eaedf768d16eb0742f48586db901be7a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=Mh0o89bu2S&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 13:49:47 GMT
x-content-type-options: nosniff
age: 82395
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15937
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 14:40:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Sep 2022 13:49:47 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F1D2 17 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Sep 2022 12:43:02 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ACE4 17 KB
6 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Sep 2022 12:43:02 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame F8D8 0
127 B 13ms
12ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 20 Sep 2022 12:43:02 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame D40D 0
127 B 13ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 20 Sep 2022 12:43:02 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 get Show response
odb.outbrain.com/utils/ 6 KB
3 KB 149ms
149ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=9&rand=39941&key=NANOWDGT01&widgetJSId=AR_25&va=true&et=true&format=html&t=MzRkODg5ZWJiMjhlMTdhNWI5ZmM0MzQ5MDM4MzQxMjg=&adblck=false&abwl=false&clss=RZHZjuxJkIg2ruSRO5EdgYH3nG0x%2BjbkfEAExPX8XcL5BgYT7lZ5qaNnaMefN6OZqpBtedOPf4WlIZHb&px=0&py=2452&vpd=1252&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&em=1&settings=true&recs=true&version=2000897&sig=OmGPS8bW&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8fbc52381b040d2b49ce1ec53cf957dce164508ef5760a1253250d3290628681

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:03 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1663677783.866576,VS0,VE143
accept-ranges: bytes
x-served-by: cache-lga21953-LGA, cache-hhn4044-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: f73a8c64b0f19141bb7c46f55fab63eb
content-encoding: gzip
content-length: 2611
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 70ms
70ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1dca2671523c934292ffebee82f63e08432a9cb5bcc3093c51d346addb9fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Sep 2022 12:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11259
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 28CC 43 B
215 B 95ms
95ms Image
image/gif 2600:1f18:1aca:4281:10e8:8b26:ece0:cc82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1171009&asId=cf5c56e4-e301-5005-e583-b3d2705c8f55&tv=%7Bc:oL3NZl,pingTime:-10,time:683,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTI1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1663677782903%7C%7Cf1799ce6eaf0697ac3ae0370e10276d0%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7Ca3b6a62b0f7f81b4365644d738b3bb2b%7C%7Cd148ff84c1615e98432c2d88d9c67c9e%7C%7Caaa1b693775ef469a4ac5594504c4bcf%7C%7C2dfd44d6b72792361ae615b5d9406f14%7C%7Cfd37209c19a64ebf5168bbc85972cefd%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:10e8:8b26:ece0:cc82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame D5E1 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 09:28:25 GMT

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame A032 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 09:28:25 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js?cb=31069671

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Sep 2022 12:43:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C839 13 KB
5 KB 16ms
14ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 75
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:41:48 GMT
expires: Wed, 20 Sep 2023 12:41:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7CE0 783 B
535 B 25ms
25ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a2bd887c5b266225e99f45f85c9abbf8dadfcfe9885d9d1d76c871f0f6549827

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3QOgXQr1DCT9sXCp4ezgbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-3QOgXQr1DCT9sXCp4ezgbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:03 GMT
expires: Tue, 20 Sep 2022 12:43:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 17 KB
2 KB 247ms
247ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=AR_25&key=NANOWDGT01&version=2000897&apv=false&sig=OmGPS8bW&format=html&rand=32911&em=1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=MzRkODg5ZWJiMjhlMTdhNWI5ZmM0MzQ5MDM4MzQxMjg=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=9&lastIdx=9&lastCardIdx=0&fAB=no_abtest&clss=RZHZjuxJkIg2ruSRO5EdgYH3nG0x%2BjbkfEAExPX8XcL5BgYT7lZ5qaNnaMefN6OZqpBtedOPf4WlIZHb&dpr=1&cw=1600&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000897/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ec5b3850ced367e0db7a58480651c8a57ed1bb96ffdf8459b97220863c15d8fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:03 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1663677783.141498,VS0,VE238
accept-ranges: bytes
x-served-by: cache-lga21940-LGA, cache-hhn4044-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: bc832c33b1bdeeeee325e798d5045cdb
content-encoding: gzip
content-length: 2363
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 28CC 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZ7cLcX5p6OV4eqJVekRM0-0tcUfYQOTOiEVjcOMId-S0A1evSLsV8tu865Xn0_NtyCEk1EHlfbm0vt3_i1MPPGReFLwFqhJHF60ig84nd99Y27TKbDXLGlg5liTnwVwyN7t43VA&sai=AMfl-YQx3zW2wW92gjSgoC5sn9ki1c5iP7wZh8jj9g-J5HYLF8pOrD3BuFvIIz3HRYgs2SRclsbA6UxTK-rhQREKjWOjeha36PLIFn2wkU-QNX41YYMpWGCGWZ6K1iFX90Q&sig=Cg0ArKJSzMvOMrF-n5SHEAE&cid=CAASJeRoR4p8HyAqel5sczG_cPm5EC807KtD3DT9geAYIZbiJppvmMk&id=lidar2&mcvt=1039&p=451,1558,491,1599&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2273020712&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663677781125&rpt=818&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 20ms
19ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:03 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Sep 2022 12:43:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AF48 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6JcAVbUpY4GCGeCW9u8PltKLwAYAAAAAOAHgBAI&bg=!dnWldTHNAAZqQh0mSkI7ACkAdvg8WtUNx-rjEvTsra9IIrQWD_F8BN9P7J3qjIod2AYYC-FAvuDY8gIAAAI9UgAAAAJoAQcKAEuqKtSey8OMvpfR65VuzpW7V_nmdXJlPpIvLwCcRfYBMmyyG7m_RH_Cq5l3OsIVhoLscPIAhGP9LF8lsmoI8LNfLDUwpOERYHLNUX-ZAvQ4BjiTGzgzldx5qsg_0hnuoEj0Ws9VMVXRlCVZWXQDY1Revg1nBccTWUEeZoMhObDCUdhsoIVxBFXHGb55qfXve2bjm4aFBjufQXu4AM_2wXiOvqpkyjLHVqJY_RZfVYawQx3SxW5xkw_cDmLWFjeZj3BnCcrWA7ZTD7Y4mcjeLp3PiBAHI3KBjMespY7nbdv4YHmzuGr21rqKEGhepnbWS8RhyIbKUWHW5uj3joUBXATjNLePadmWhY4bMFuNc07Gn8yzjXgxONiMvboq95vRqqowvVayMqO9FvSUWAL7VDjB59kvkOeVlg_V_YuSK9dy_ILHIqq8_ok1j7R6sfLePIGyOElxe1bzBR7eu7NlCmtvKgEMjpoV2qO1I513v8UuHKZWFkjPN8nUhEljkrBYCuuRWBxsi0TE7DL7arFBxMJDL0XOVzfShkErjWn5m6cbPBlHZBejA5aSkpfBaDRufn4AjVZWxcrUQtfCT9o3HTV7buxnK8kccuiNRp4ULUdnOyX-PMyt_VpNcbolJ6qhAyBZq5cN4k4Gmmar-ahUgdPdLZ70C_VIRCB2yZ8xjjqwkruqLbhyECYhbI2cWP0LwwA2XYrdiObTeqAOiVfZeL-OhF0mJOJeezdpy6VhyndFmYki9DzT1c-6_naa0Fkmz5ZrcdhxLob9Ma2RETdZC480JsoKPohZyi15a8bywWjAOD2TIydA-1_ZoFCAe4Q3eJam_18JbWrrd8__iF2ZgG2fvPICG7OzjafkmZZlc0NvfQfhCe9WzHoibwMb2Fu5YO8jWLFdvT3VmuZvMqnSEqXzjR8XqMuf6LHbaiMMW8WFlgAWkMkNNUTYheBAI7WjK1FZPYnjDfijxYcv7UCNhUK0Uo7yDCQObF_zzdyi86sDEW-C9YMb8L1ZtGQMsb-_FEEzBr_qJdzqgNvw959KkfP9QVjuSWkYqoC5UmZ8yl917zCG6bxoranp2FN0ZK0MLShflx-rQ4rQxrHtk0GIDACooZU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 619D 15 KB
6 KB 226ms
16ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:43:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 928347
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 88 KB
29 KB 53ms
26ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:03 GMT
content-encoding: gzip
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 21 Sep 2022 12:43:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D7CA 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeeBmVbUpY6GKGa6G7_UPi7SSyAUAAAAAOAHgBAI&bg=!VFelVxPNAAZqQh0mSkI7ACkAdvg8Wor1kPxdTnrtSUPAhbvTAvDIqQ1M2U8Lqmnfi7cl7YOIoqdC6wIAAAJJUgAAAAJoAQcKAI3yH8QkY40DZqUZ1I0hc4xnvKEYXchYqv30s4c_90syPOAIddtCAD4VVegS7SGnKL_igv2JSOMk_iVRIrc3FiHL9WmV2qLcBI6FNgJi-7Pk0JxSw1tyz4vkUONEvAdSP-gD_gpdXm8UmcDNiL9O3ELs2CS7rV9MSCMTxTQlW9s8TQP0mQ1tZsm7ZxPBVkKZAuFHGaInkveHT38G7MjFOVTYIVcwMpLS6jku9ZGT_ysF_hBA7PQqiI5gxo7xtOcWKaiCIhGpzkQTDIDcY7tmGyVwgwM15TkyQN3wq7TNalSlJKsfGvL5iBKpZZtNmwKgrWa-HpCcmbrDjCUOsvQ8SbVvFlAyoWhCb6Zv_dy33tDZrMbtxWn6YhoUqky2aMm03zkDswm4iRwtKaBctlW8nKnXT1hRhI1HlnUi3igcqHzsXrqd0qXR-xxVA4U8iugmkX3X3R1AnVOyNl3cey0Qs4a9fhvAdKJM1_A6ygCJO7npfovk2fbe_3M2_MH21l7OFH7HLrEcilbh7uScWt-8L1AHTWaE1yLwWCGUX2yQIrC3xMSL6KHVhFRligf_CMMGc22qZiUMRBXNCioFnE1rUjr37HezxliglmUurTiZQcdXf-Gi6GcCfBvMGXTdA22xaWzq1VC45590NlaNuBYLNOHLDKWb_3stjrJ-qIl8Wbw1CglkoBB6kEHEPlUpnSWAi1S251c-VgVEWJtZllkAlPjtAYAW1cAjgiCeLlxdQsGIlyi9SYaXTRAsDIa7pbXmDamXOuLR-5UtGiWQKbCKOQXFwpStcqubnTIdScEYib44qqcdBcDacRu3w3UOZiQBUxVZpzLkLlMEs48o1HqMRlydDoKS1b7Ze63sKD4Ij8yEbJn7tJUTSuzZ_KGTQ1wHdo4AzGKSr7wADY02-A-Eo5qzoLqY5iqX_M4DWkNsU8vJcAtkOfeVO7cIKpCfA18XWIhxEN2dLhEU2cY8CeQG-EPipIOVDp9dL3YSNZyZi0ktHBNr50NxnHFOYOAlC-GDgTPCp5JMLnzxMibl6O1nxNXZwSOdANkJy48l86HzkjOEF729otgh_7d0fztn8wq8HYxZccg6TihgQdO9FI8j7B9MQ_b4uzcPyXJ0SdEL_OVjGUys2vhrDrNeBdOXPfYtWogi8VXsJVnmw6Xmy-iIqd_IXg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7CE0 0
0 47ms
47ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091501&jk=1827664075416353&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 082C 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuR7fVbUpY8CPGbqN9u8P5_Sq6AkAAAAAOAHgBAI&bg=!LS6lLmrNAAZqQh0mSkI7ACkAdvg8WsiE4XMSx-P7PhF7PTFoaZLbc6clKM-OeVNNJU0_2p6meUBSeAIAAAHSUgAAAANoAQcKAHBW4qMRZn9-dtuqQ3O02WuxAGGCZCVmB9B8yHwlHW9RcB2HMPJ3T16LeflY0GxAsXC1fHczCFJ1niPhE6qKkb9q1jT8k-tJrNbAuOvukvOaeIje2EUZ4gfbSxsy_Y5I71tMOiLJXSErfz9XUYkgMLn2mQLrLcRmjo5YNm-KtWtI9j2sssxf7rrEwXRpkgZ7eCtlWEaV3CU9AWfNemK0YVtsfQU44UBhZdaoW0Fa86_t6d1QZ2Kxtoz09ieVIqIwoq_X_i_kmfqZQXieHKtvEeE39O9g7l5I1UUwSmUXq-vAVF55A_apCXhptSYot0JCKCnYLDCnhZCfYaMHUIIa0Cs8KcFV2AHi2vrqSvcESmQTsJpQvX-jl21VTUdOjAbXQEBohxlSfLUqPbMunBUqTDM9AU97bwRgYsCLlhgNiu91E9-KyPje0cn8Yuzugdap0Ozgjq-EmT8x2vhzjvXrm3yeImAsGJTEH4Wy-c1vRL4bF9NMF3BSE81-vn-ByJE6MRLIUbyHxibu6Ygj0FQgXHTY4zrND-rMauXwUKwcd53ebugrFqLtrSF6j-W2Rq4qBhXxDgrIb6bIwutf5EQQzIie1st_iQNs-ZG6Axhe34TV6FnuV7fLRqlfBeV-JLgaURXSb0amE2GmA7h7cm95ib-D6aH05FbRhTIDcg83LR2y-o19d7YZJGoaiF04-8cRpQVhQUMvXlyOvMZi_yLD1-QHt91_do93PBQB--8QRzeC3X-ThuDrGIwzeqt7rCuNHQ6rnIOpvGhok5nBLFNcZS1k_xjD08CcpLIzT38jJ1AGiuVCPAVS1rx5bz-8lMMxdgtCHLPbt0A36ZkWObPs47rzTT_mBfziwYQGa-Pm7NAZ3fUip4EvWIWmB5E1aUr_L3ym86JiriOTHM7sbg-lZRp28wpbicBxLQOfCCBkjlXGrv0WYnFyTnwm7SnQLkzz_SnPTNeh51my72AlZCFycWfUPy4w2fAlKqe8Rz18Y08yUdtQkcyLKH1qJwgn4NsQOviVdLY610qmDQP3kUlCB-e2EKR0MDlj5TJFskc_9TX15_NV6ak7AIcO2y5cxgNYriPOeQQZ0I0bIbUQxynsAnXphmqiHjBSTpW4Gmp25GaHdTp5OSoyh1UVRJjzDOQE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame C839 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 09:28:25 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 28CC 43 B
215 B 96ms
96ms Image
image/gif 2600:1f18:1aca:4281:10e8:8b26:ece0:cc82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1171009&asId=cf5c56e4-e301-5005-e583-b3d2705c8f55&tv=%7Bc:oL3O7V,time:1215,type:e,im:%7Bpci:%7Btdr:1033%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:51,o:1164,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1157~0,0~100%5D,as:%5B1157~160.600%5D%7D%7D,%7Bsl:i,t:1164,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~100%5D,as:%5B50~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:173,fm:thYGqAs+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h%7C1i*.1171009-65650039%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1k1%7C1k2%7C1k3%7C1l1%7C1l2%7C1l3%7C1m%7C1n%7C1o,idMap:1i*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:32,sis:237%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:10e8:8b26:ece0:cc82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:03 GMT
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2

200

sid Show response
mug.criteo.com/ Frame 619D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ksketnw4VnFEMEl6QVRpcStkTzc4a1M1ODVFeFVHRDJuQWNKSXdPOXlkcHExWGJtQXp5NkF6elVBOEZIdnNzYkpKN1RJK3JwaldiNUduQnVmUFQ4N0pab1plb0c5K1dxamFqSXBnazNCY1gzU3R4SWF4T1NhcWJhbTVISj...

428 B
652 B

103ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ksketnw4VnFEMEl6QVRpcStkTzc4a1M1ODVFeFVHRDJuQWNKSXdPOXlkcHExWGJtQXp5NkF6elVBOEZIdnNzYkpKN1RJK3JwaldiNUduQnVmUFQ4N0pab1plb0c5K1dxamFqSXBnazNCY1gzU3R4SWF4T1NhcWJhbTVISjJ1d1FxV215QUVDMGR0N1gxckMvTmVIVGhjYXV2OTZ5N1REY0dEa2NkUjcvT05JNWNlR0xDcllGYXhRR0RKeU1WWVJxaGpCQVBSS2hpUmk3WGh3ZXk5a0ticEplbjNxSWJ0ZDhlb0M1b3l1MmpSZU56QWhlV1BSdFRnWDFmTSthSGJjWWhGTDJQaFpxaUJOSmU4ZEpoUXRXcVIrZ2VCZz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aa3c4a42b72349686f8e2c39f9890708a26e21f577ec1c53ecfd233c2422e567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2412893
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:02 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=ksketnw4VnFEMEl6QVRpcStkTzc4a1M1ODVFeFVHRDJuQWNKSXdPOXlkcHExWGJtQXp5NkF6elVBOEZIdnNzYkpKN1RJK3JwaldiNUduQnVmUFQ4N0pab1plb0c5K1dxamFqSXBnazNCY1gzU3R4SWF4T1NhcWJhbTVISjJ1d1FxV215QUVDMGR0N1gxckMvTmVIVGhjYXV2OTZ5N1REY0dEa2NkUjcvT05JNWNlR0xDcllGYXhRR0RKeU1WWVJxaGpCQVBSS2hpUmk3WGh3ZXk5a0ticEplbjNxSWJ0ZDhlb0M1b3l1MmpSZU56QWhlV1BSdFRnWDFmTSthSGJjWWhGTDJQaFpxaUJOSmU4ZEpoUXRXcVIrZ2VCZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 528830
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=gtUyH3xZUmtCT2pIYkRIWWFyOXJQWVpmb3pBTFNOeHJqMVlJMmhRUWs0ZFlOSTEyUDhqMjQ0dXRwWmtRaWtXdHd4U2x5cGVnazdkWTJWN3pHSEJMa0NmelpOU2draWI2Uk5KZ3hRMndTc01VUVJqMFhvb1RDSGYwOFJRak...

423 B
693 B

18ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=gtUyH3xZUmtCT2pIYkRIWWFyOXJQWVpmb3pBTFNOeHJqMVlJMmhRUWs0ZFlOSTEyUDhqMjQ0dXRwWmtRaWtXdHd4U2x5cGVnazdkWTJWN3pHSEJMa0NmelpOU2draWI2Uk5KZ3hRMndTc01VUVJqMFhvb1RDSGYwOFJRakhHbnRReWpSU0o0c2tJUjkrVnlNUEIvcnA3MmxtaWF1S0IwYmZ6N3JaY2c0dFM2L1dNQkdxamlxNlVteXhhcWljc2d5OWFmeFJCc0RsMTJwaGMwemF1UmRJeTJUNmtzWStUR2RtVWU4RWdsUWFqUXVZSy9KN0dMbEJQSXZGclRoTm5LQldGd3FPV2hndnE4QjU3L2ZJc3FlYXVsWUpnT0tsdWc4Mmx6bFJRZHkvZFFjd1VaOD18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dc532e7ed7937813d04d0debfcdd34f68778237c00256266cbb521aabd84e4ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:03 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1646772
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:03 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=gtUyH3xZUmtCT2pIYkRIWWFyOXJQWVpmb3pBTFNOeHJqMVlJMmhRUWs0ZFlOSTEyUDhqMjQ0dXRwWmtRaWtXdHd4U2x5cGVnazdkWTJWN3pHSEJMa0NmelpOU2draWI2Uk5KZ3hRMndTc01VUVJqMFhvb1RDSGYwOFJRakhHbnRReWpSU0o0c2tJUjkrVnlNUEIvcnA3MmxtaWF1S0IwYmZ6N3JaY2c0dFM2L1dNQkdxamlxNlVteXhhcWljc2d5OWFmeFJCc0RsMTJwaGMwemF1UmRJeTJUNmtzWStUR2RtVWU4RWdsUWFqUXVZSy9KN0dMbEJQSXZGclRoTm5LQldGd3FPV2hndnE4QjU3L2ZJc3FlYXVsWUpnT0tsdWc4Mmx6bFJRZHkvZFFjd1VaOD18&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 521284
content-length: 0
expires: 0

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 500C 3 KB
2 KB 83ms
18ms Document
text/html 184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Tue, 20 Sep 2022 12:43:03 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 5197 0
0 20ms
19ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1663677780587

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 84B6 0
35 B 43ms
25ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 20 Sep 2022 12:43:03 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DACF 52 KB
17 KB 88ms
19ms Document
text/html 184.51.9.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.18 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-18.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 20 Sep 2022 12:43:03 GMT
ETag: "623de86a-cf34"
Expires: Wed, 21 Sep 2022 12:43:05 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 6E1B 0
0 19ms
19ms Document
text/plain 72.251.249.13
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13421168
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Tue, 20 Sep 2022 12:43:03 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap2ams1

GET
H2 200 / Show response
csync.smilewanted.com/ Frame CDD6 6 KB
2 KB 27ms
27ms Document
text/html 104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf1775d0a91837b6d93b91469cf7a98784446fbae1a5bfb40c63d8f013061c01

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 74daa50489189225-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:03 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6261 15 KB
6 KB 19ms
19ms Document
text/html 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=33245
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:03 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 20 Sep 2022 21:57:08 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 01BF 281 B
554 B 70ms
19ms Document
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 20 Sep 2022 12:43:03 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3181 52 KB
17 KB 87ms
22ms Document
text/html 184.51.9.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.18 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-18.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 20 Sep 2022 12:43:03 GMT
ETag: "623de86a-cf34"
Expires: Wed, 21 Sep 2022 12:43:05 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 7DF7 37 B
139 B 9ms
9ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1663632000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Tue, 20 Sep 2022 12:43:03 GMT

GET
H/1.1 200
OK prebid
b1h-euc1.zemanta.com/usersync/ 26 B
151 B 13ms
12ms Image
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1h-euc1.zemanta.com/usersync/prebid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 12:43:03 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C839 0
11 B 14ms
14ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FJlyyw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 48ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 20 Sep 2022 12:43:03 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 409798
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 100ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 20 Sep 2022 12:43:03 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 537983
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame CDD6 48 KB
12 KB 21ms
20ms Script
application/javascript 104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 504106
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"607873db-c1ce"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 74daa50519d19225-FRA
expires: Fri, 17 Sep 2032 12:43:03 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 01BF 31 KB
10 KB 27ms
26ms Script
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d71bfc0d1a5784aeda48917a7c7d2aa2c77d37ec0657b23a858a91d7280d881a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 20 Sep 2022 12:43:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=32126
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9422
Expires: Tue, 20 Sep 2022 21:38:29 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame B217 2 KB
1 KB 34ms
34ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bd82ce9f3896db8992ea118e1b30e43fab204e25597a33e2c39d461e16498c0

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 74daa5058dea9bd6-FRA
content-encoding: br
content-type: text/html
date: Tue, 20 Sep 2022 12:43:03 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlYPyDqL204hyiJyGFFcgfTshTODeeo04DqVDHRa%2FZCDcZ10sZK8rZvX8AQueRtEXMrvWAm5CAHeOEMWgDJv%2B0Y6Y670roZduF%2FsQ9y2Jck593tmZpHsfr7cQ8RYenM%2FhGan6Ip4ZXDhuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DACF 0
740 B 15ms
14ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:03 GMT
X-Proxy-Origin: 37.58.58.250; 37.58.58.250; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: efb4e394-0c1e-42a2-9bef-d506b9e046cb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3181 0
740 B 15ms
13ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:03 GMT
X-Proxy-Origin: 37.58.58.250; 37.58.58.250; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ad6b18f3-df61-4b6d-bfcb-bb3b62cab1a2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 96A6 0
516 B 26ms
25ms Document
text/html 104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 74daa505daf59225-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:03 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

200

c78d34d8bca6f4128348c719eaa4f4 Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 6CFE
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/c78d34d8bca6f4128348c719eaa4f4

0
583 B

37ms
36ms

Document
text/html

104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/c78d34d8bca6f4128348c719eaa4f4
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 74daa5062b799225-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:04 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Tue, 20 Sep 2022 12:43:04 GMT
Expires: Tue, 20 Sep 2022 12:43:04 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/c78d34d8bca6f4128348c719eaa4f4
Pragma: no-cache
Server: nginx
x-sticky-vk: 1663677783894079-522

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame B217 70 B
264 B 36ms
35ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame B217
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB&dcc=t

43 B
855 B

117ms
117ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:04 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 1H4Z32WECESQS8G0AV7H
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:04 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: QCSF51NMPX8ZA7QE6PJ2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame B217
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFfwMySZqm-WIoUnpcb-Ssc&google_cver=1

43 B
850 B

22ms
22ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFfwMySZqm-WIoUnpcb-Ssc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74daa5062f399bd6-FRA
pragma: no-cache
date: Tue, 20 Sep 2022 12:43:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQv0ltjJS9BXSTMmMXidVc9zvqOrRcgUs42%2FJ0cXawa9E2s38e%2FJ%2BcifezyA%2BlxM0hcoFZoXvvPqQSpW7U%2B2EtIiEgX3bIBAyGtL3dW5e6mk%2F3MBxCYXRVNx7Rk%2B0%2FW6y%2FVSmiK8dbmF5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFfwMySZqm-WIoUnpcb-Ssc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame B217
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=207039819888687976

43 B
842 B

42ms
42ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=207039819888687976
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74daa5064ec96987-FRA
pragma: no-cache
date: Tue, 20 Sep 2022 12:43:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3VgW%2BgOT9xIMthVuw1ct8FgyJ%2FLzrY7bRpx5wTm80H%2BVdWyvzw6c2N0vqwioFXg4UbmZYneWygChOTGfPL2JAbUQvfF7tzNsL2JD5yXqfiXsRVdorNv1xXBdufP5V7OHDKV92KqhDTpkw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:04 GMT
X-Proxy-Origin: 37.58.58.250; 37.58.58.250; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3ed18972-2a57-4de2-b4b4-3be909a47a90
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=207039819888687976
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame B217
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]

43 B
840 B

35ms
35ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74daa51499f06987-FRA
pragma: no-cache
date: Tue, 20 Sep 2022 12:43:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkI0ZcsJm1XsModlYWGNB%2Fky1tPvJef5tg7Ntly5JhpvZ70b8ubJHwKEO5HX6JoGJPLLLJ4qB5jy0ittQEfQm2dy9y0S%2Fb09KZpU3I1hMvs3bWxTaZH5dIWFJxzwiPjXYH8jzq7apGzhrA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
date: Tue, 20 Sep 2022 12:43:06 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 0
vary: Origin
keep-alive: timeout=5

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame B217
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588521474576935

43 B
844 B

28ms
28ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588521474576935
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74daa507dadd6987-FRA
pragma: no-cache
date: Tue, 20 Sep 2022 12:43:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DP2Qgjcc8VThtZlAvZHF8cAcLkC%2FE%2Bevn71MEANYscEl1F7EaqaRp1Bqpnq2WQQ92eZk3t9jS%2BszCC7o8dACQsAMII7G%2FZDFWZ75DugrU0txqojUNnw2lUWDrUtc%2BMC5Zf9PMR66MIyLxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588521474576935
Date: Tue, 20 Sep 2022 12:43:04 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B217 43 B
601 B 37ms
36ms Image
image/gif 2a05:d018:d29:3605:c283:2fe6:5625:9484
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Yym1VcH8vwiFSBs_qsoP7wAABLsAAAIB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:c283:2fe6:5625:9484 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:04 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 43
x-content-type-options: nosniff

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame B217
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BfyTAFIR1OACAE5

43 B
850 B

29ms
29ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BfyTAFIR1OACAE5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74daa506cfdd6987-FRA
pragma: no-cache
date: Tue, 20 Sep 2022 12:43:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nO%2BYEGK9A34y5MKUE1LUbSkwNuxPSGV5OO7ijbk6ZNDTNbtzRa%2BYO39a%2B7oPO%2FaQRqnoHplMwzNb5uU%2F%2F38YBWkO5RHFxrhYcnoKMO193NGgqsGVk5BZY8vWPdqrlM6oC96N%2F%2BlYT0ujig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:03 GMT
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-013e0f4b92ef8966c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BfyTAFIR1OACAE5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame B217 43 B
352 B 46ms
15ms Image
image/gif 2606:4700::6812:d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yym1VcH8vwiFSBs-qsoP7wAA%261211
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74daa5063f1690ee-FRA
date: Tue, 20 Sep 2022 12:43:04 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 258
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Tue, 20 Sep 2022 16:43:04 GMT

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 3852 0
0 22ms
7ms Document
text/plain 52.29.139.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.139.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-139-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Tue, 20 Sep 2022 12:43:04 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 01BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFUnC7bmH380KyQprQsG0CA&google_cver=1

0
239 B

10ms
10ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFUnC7bmH380KyQprQsG0CA&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFUnC7bmH380KyQprQsG0CA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 01BF
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTliMTFlNzgwZTgxZTA3ZjEzYjgzMGZjZGExMzc3ZjNhMjA2ODVmZQ

170 B
188 B

24ms
23ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTliMTFlNzgwZTgxZTA3ZjEzYjgzMGZjZGExMzc3ZjNhMjA2ODVmZQ

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTliMTFlNzgwZTgxZTA3ZjEzYjgzMGZjZGExMzc3ZjNhMjA2ODVmZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 01BF 70 B
264 B 38ms
35ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 01BF
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhBNlNNWlYtMjItRzBLTg==

170 B
188 B

28ms
27ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhBNlNNWlYtMjItRzBLTg==

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhBNlNNWlYtMjItRzBLTg==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 01BF
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=w63W6IcmTQKloMhwGDy8Zw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=w63W6IcmTQKloMhwGDy8Zw

43 B
479 B

42ms
42ms

Image
image/gif

52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=w63W6IcmTQKloMhwGDy8Zw

Protocol

HTTP/1.1

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:04 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: F2AVYVCCTCB2FX2540MD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=w63W6IcmTQKloMhwGDy8Zw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 01BF
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/b-ozZ2dRAxKw2VPWlAxkSMn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=215116136874399715

0
239 B

10ms
9ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=215116136874399715
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

date: Tue, 20 Sep 2022 12:43:04 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=215116136874399715
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 01BF
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8A6SMZV-22-G0KN

0
704 B

210ms
190ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8A6SMZV-22-G0KN
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:43:04 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 02F39A8B0B9840128FF62B08504A8C7A Ref B: FRAEDGE1506 Ref C: 2022-09-20T12:43:04Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXpGytZN5OOLdhek3kh/A==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8A6SMZV-22-G0KN
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01BF
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WQlTgt0VSFmbqE0oHExfRQ&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WQlTgt0VSFmbqE0oHExfRQ

43 B
479 B

105ms
105ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WQlTgt0VSFmbqE0oHExfRQ

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:04 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 7Q7VGMB3S7AHJRPVGGB0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WQlTgt0VSFmbqE0oHExfRQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame 418F
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=6f422dd2eeeb0011dd32bcb9da9bfb2c

43 B
1 KB

13ms
13ms

Document
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=6f422dd2eeeb0011dd32bcb9da9bfb2c

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid: f5d81930-f152-4f3f-aabd-4428681b985f
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 20 Sep 2022 12:43:04 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 37.58.58.250; 37.58.58.250; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 74daa5067bf39225-FRA
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:04 GMT
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=6f422dd2eeeb0011dd32bcb9da9bfb2c
server: cloudflare

GET
H3 200 connectmyusers.php Show response
cdn.connectad.io/ Frame ACE2 1 KB
834 B 41ms
30ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74daa506dfcd9bef-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:04 GMT
server: cloudflare

GET
H2 200 3437077-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/4/3/7/ 72 KB
73 KB 9ms
9ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/4/3/7/3437077-46.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 0748ed54da838511bade1a17bdf5b9b6dedc3260f31a1f3422cbf5963a03c6a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 04:49:05 GMT
via: 1.1 varnish, 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
age: 28439
edge-cache-tag: 315967803942859320675024957509442542247,118291521066828225852529435541574966377,d2bce9e04f88d43dd8350e859c701704
cache-tag: 315967803942859320675024957509442542247,118291521066828225852529435541574966377,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 73668
x-request-id: 8c40a0c368c9620574cf7d4af7ab6de5
x-served-by: cache-iad-kjyo7100155-IAD
last-modified: Tue, 20 Sep 2022 04:49:06 GMT
server: cloudinary
x-timer: S1663649345.607487,VS0,VE1087
etag: "05178c94eec65754688f87184741a8e6"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: kobFkTaoXzE1bnFILpSM_zxCMnVBbvVNrLDUkPsf_HzvrtQRwhxbJA==
x-cache-hits: 0

GET
H/1.1

200
OK

getuid Show response
sync.smartadserver.com/ Frame 6BD6
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

0
75 B

17ms
17ms

Document
text/plain

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Tue, 20 Sep 2022 12:43:03 GMT

Redirect headers

cache-control: no-cache,no-store
content-length: 0
date: Tue, 20 Sep 2022 12:43:03 GMT
location: https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

GET
H3 204 1
sync-eu.connectad.io/syncer/ Frame 6B89 0
0 27ms
26ms Document
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 74daa50738dd9bef-FRA
date: Tue, 20 Sep 2022 12:43:04 GMT
server: cloudflare
via: 1.1 google

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame C195 0
0 9ms
9ms Document
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 704c1e4d3fcc922a3031d436b584678b

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 49ms
49ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091501&jk=1827664075416353&bg=!trWltfHNAAZqQh0mSkI7ACkAdvg8WrJD9_Aw2ohN_qUJByfjPwzuOZr_roQw3-U_Vkqpvo6ah9aZZwIAAACrUgAAAANoAQeZApUVADuFBbHfhqdaaRMalZltZTGIJ7PzJ6fktSnpfzomLL7bNXuviZhjR7iTOuMf64RPTPNutggG7OMbRe1tlt8p8DwR5XjPgumcuIYMtkTu5scU2i4n7SW8YC657ShJlG_2XF1R-NcMAuS5c8LTC60ALEqXHMijODBUlth1YqmZwTtdSxrSrVHldiPMMd9QUGBNxZ16iNo3JX5pE2zDXLfNj5htIIOrKr57OgC1DmC3hp20WtMUBTlRSzaD10BxCC4NW8Xj2msxavyq6M4CmgugebcnmwlcM6N9-DwY1lAhF70iBho2E3spvBsy0XHZAp1_nRzMcc6gPXjPJ2x3eEktpULoUIHAsiN3jBbptLKGix3npuYz8BwnzjzQ8B9RyvgiZrBC17pltXTfdEu1l7MrpNOvBWCJ_8Gr5PN0cIuiTr6JrGD1EcMVJml7fhKuNs0QAffNxWeG_0mqYxGzlMvLtbKlW-YHjYXFAdZZEVTQEQZk5lOZbPVsA47OQRB4lhDlO8Cqgg7qDe9Esbk4zDniDg2JjHTGB07Gv4Vj8MhlXeExEsKDsb9EWHBvjWrjL8Qce20IZyZC16LCcq1r4WVjmt1mqKJyaXTby7c_JPuxjazeaCmxrHKsHPR-xJrIxt8I6Vz9iAQ-XmVKjno4xNsinxAfKhUaPo7xBa0U3rwW0VDFVeoO8nk3wqAZ9KXhXxVe1QG_h1yEvoYidqSzyZeLHVATiMMWggpc3aLSFFFHLcf9Gv31c7DzvRMK0fBLgbUSwnWncjzKRM9bUuilJDBQO5-POwC6mxTiQO1_LCCSOis1ZgDXn4x6J2d1QXIKMsBvN2Yen4dR6mGNU-3cOTTVZVOsSr-N1u2FoIBU3Hz6ZzuVj5Qf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A941 15 KB
6 KB 20ms
19ms Document
text/html 184.51.9.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=33244
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:04 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 20 Sep 2022 21:57:08 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

c51f40b6-38e1-11ed-8b3c-180e33a50306 Show response
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 3A19
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=c51f4118-38e1-11ed-8b3c-180e33a50306
https://csync.smilewanted.com/set_partner_userid_get/spotx/c51f40b6-38e1-11ed-8b3c-180e33a50306

0
602 B

30ms
30ms

Document
text/html

104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/spotx/c51f40b6-38e1-11ed-8b3c-180e33a50306
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 74daa508df679225-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:04 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Tue, 20 Sep 2022 12:43:04 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/spotx/c51f40b6-38e1-11ed-8b3c-180e33a50306
Server: nginx
X-fe: 14

GET
H2

200

/ Show response
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame D36B
Redirect Chain

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

0
103 B

33ms
33ms

Document
text/html

104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 74daa50d3edf9225-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:05 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 92
Content-Type: text/html; charset=utf-8
Date: Tue, 20 Sep 2022 12:43:04 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma: no-cache

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 28CC 43 B
215 B 95ms
95ms Image
image/gif 2600:1f18:1aca:4281:10e8:8b26:ece0:cc82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1171009&asId=cf5c56e4-e301-5005-e583-b3d2705c8f55&tv=%7Bc:oL3Onf,pingTime:1,time:2165,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:31%7D,%7Bpiv:100,vs:i,r:,t:1165%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1164,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1157~0,0~100%5D,as:%5B1157~160.600%5D%7D%7D,%7Bsl:i,t:1164,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:102,fm:thYGqAs+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h%7C1i*.1171009-65650039%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1k1%7C1k2%7C1k3%7C1l1%7C1l2%7C1l3%7C1m%7C1n%7C1o,idMap:1i*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:32,sis:237%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:10e8:8b26:ece0:cc82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:04 GMT
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 28CC 43 B
215 B 96ms
95ms Image
image/gif 2600:1f18:1aca:4281:10e8:8b26:ece0:cc82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1171009&asId=cf5c56e4-e301-5005-e583-b3d2705c8f55&tv=%7Bc:oL3Ong,pingTime:1,time:2166,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:31%7D,%7Bpiv:100,vs:i,r:,t:1165%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1164,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:31,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1157~0,0~100%5D,as:%5B1157~160.600%5D%7D%7D,%7Bsl:i,t:1164,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:102,fm:thYGqAs+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g%7C1h%7C1i*.1171009-65650039%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1k1%7C1k2%7C1k3%7C1l1%7C1l2%7C1l3%7C1m%7C1n%7C1o,idMap:1i*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:32,sis:237%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:10e8:8b26:ece0:cc82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0c0142c3150d03877569b4d4dd4c2066.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Sep 2022 12:43:04 GMT
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2

200

73ee6fc7-942c-467a-952e-5f861e3fcef4 Show response
csync.smilewanted.com/set_partner_userid_get/loopme/ Frame 3DCE
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/loopme/73ee6fc7-942c-467a-952e-5f861e3fcef4?gdpr_consent=null&gdpr=0

0
829 B

45ms
45ms

Document
text/html

104.18.25.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/loopme/73ee6fc7-942c-467a-952e-5f861e3fcef4?gdpr_consent=null&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 74daa5092fd89225-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Sep 2022 12:43:04 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74daa508de55bb80-FRA
content-length: 0
date: Tue, 20 Sep 2022 12:43:04 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/loopme/73ee6fc7-942c-467a-952e-5f861e3fcef4?gdpr_consent=null&gdpr=0
server: cloudflare

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DACF 0
740 B 20ms
20ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Sep 2022 12:43:04 GMT
X-Proxy-Origin: 37.58.58.250; 37.58.58.250; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0b30bb34-8e17-42b2-98cf-21284338e696
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3181 0
740 B 14ms
14ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS