www.walla.co.il Open in urlscan Pro
52.222.236.20 Public Scan

URL: https://mail.walla.co.il/

URL: https://mobile.walla.co.il/?utm_source=walla&utm_medium=desktop_hp_top_cpm_W&utm_campaign=Promotion_Sep&lm_supplier=39239&lm_bc=26127
Title: וואלה! mobileבמבצע השקה

URL: https://news.walla.co.il/
Title: חדשות

URL: https://sports.walla.co.il/
Title: ספורט

URL: https://finance.walla.co.il/
Title: כסף

URL: https://e.walla.co.il/
Title: תרבות

URL: https://celebs.walla.co.il/
Title: סלבס

URL: https://food.walla.co.il/
Title: אוכל

URL: https://fashion.walla.co.il/
Title: אופנה

URL: https://healthy.walla.co.il/
Title: בריאות

URL: https://travel.walla.co.il/
Title: תיירות

URL: https://tech.walla.co.il/
Title: טכנולוגיה

URL: https://cars.walla.co.il/
Title: רכב

URL: https://www.sheee.co.il/
Title: Sheee

URL: https://nadlan.walla.co.il/
Title: נדל"ן

URL: https://www.wallashops.co.il/?utm_source=wallahp1&utm_medium=walla&utm_campaign=hpnemalakniut_1
Title: קניות

URL: https://www.drushim.co.il/
Title: דרושים

URL: https://www.yad2.co.il/?utm_source=walla&utm_medium=logo

URL: https://b.walla.co.il/
Title: ברנז'ה

URL: https://marketing.walla.co.il/
Title: שיווק ודיגיטל

URL: https://mekomi.walla.co.il/
Title: מקומי

URL: https://home.walla.co.il/
Title: בית

URL: https://horoscope.walla.co.il/zodiacs
Title: הורוסקופ

URL: https://gaming.walla.co.il/
Title: גיימינג

URL: https://fun.walla.co.il/
Title: משחקים

URL: https://fantasy-sport1.walla.co.il/?utm_source=app&utm_medium=hamburger&utm_campaign=RM_WallaSport
Title: ליגת החלומות

URL: https://healthy.walla.co.il/category/594
Title: הורות וילדים

URL: https://judaism.walla.co.il/
Title: יהדות

URL: https://law.walla.co.il/
Title: משפטי

URL: https://mazaltov.walla.co.il/
Title: וואלה! מזל טוב

URL: https://now.walla.co.il/
Title: NOW

URL: https://calendar.walla.co.il/
Title: לוח שנה

URL: https://tv-guide.walla.co.il/
Title: לוח שידורים

URL: https://holidays.walla.co.il/
Title: שבתות וחגים

URL: https://www.b144.co.il/?sitecode=10&subsitecode=1406&site=walla&utm_source=walla&utm_medium=header
Title: B144

URL: https://mazaltov.walla.co.il/weddingdresses/
Title: שמלות כלה

URL: https://tld.walla.co.il/
Title: טוב לדעת

URL: https://beauty.walla.co.il/
Title: ביוטי

URL: https://perfectmatch.walla.co.il/
Title: חיבורים מושלמים

URL: https://mumlazim.walla.co.il/
Title: מומלצים

URL: https://b144.walla.co.il/
Title: עסקים קטנים

URL: https://yoram.walla.co.il/
Title: לימודים

URL: https://career.walla.co.il/
Title: חיפוש עבודה

URL: https://paisculture.walla.co.il/
Title: פיס בתרבות

URL: https://tmirecycle.walla.co.il/
Title: קיץ של מחזור

URL: https://starkist.walla.co.il/
Title: כל מה שטוב בטונה

URL: https://dogsandcats.walla.co.il/
Title: כלבים וחתולים

URL: https://galil.walla.co.il/
Title: גליל, תשאלו כל דחליל

URL: https://yarokkl.walla.co.il/
Title: שומרים על כדור הארץ

URL: https://daciatrips.walla.co.il/
Title: מבשלים מהשטח

URL: https://www.wallashops.co.il/%D7%9E%D7%91%D7%A6%D7%A2%D7%99%D7%9D-3?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=mivtzeim
Title: מבצעים

URL: https://www.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=wallashops
Title: וואלה! שופס

URL: https://eilat.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=EILAT
Title: וואלה! שופס אילת

URL: https://www.wallatours.co.il/zimmer/
Title: צימרים

URL: https://www.wallaprint.co.il/?utm_source=WALLA&utm_medium=HP&utm_campaign=PRINTtext
Title: אלבומים

URL: https://tld.walla.co.il/category/13221
Title: weshow

URL: https://vod.walla.co.il/movies
Title: סרטים

URL: https://vod.walla.co.il/tvshows
Title: סדרות

URL: https://viva.walla.co.il/
Title: ויוה

URL: https://www.facebook.com/wallanews

URL: https://twitter.com/WallaNews

URL: https://www.instagram.com/wallanews/

URL: https://www.tiktok.com/@walla.news

URL: https://help.walla.co.il/
Title: עזרה

URL: https://help.walla.co.il/section/12344
Title: כתבו לנו

URL: https://dcx.walla.co.il/walla/terms/terms.pdf
Title: תנאי שימוש

URL: https://dcx.walla.co.il/walla_news_files/a516a87cfcaef229b342c437fe2b95f7.pdf
Title: מדיניות פרטיות

URL: https://apps.walla.co.il/
Title: אפליקציות

URL: https://www.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=kniyot
Title: קניות

URL: https://bit.ly/3tk0q7d
Title: קניות!באילת

URL: https://bit.ly/3cy45s1
Title: וואלה!פרינט

URL: https://healthy.walla.co.il/category/13034
Title: הורים טריים

URL: https://horoscope.walla.co.il/
Title: הורוסקופ

URL: https://vod.walla.co.il/hot
Title: HOT VOD

URL: https://news.walla.co.il/breaking
Title: מבזקי חדשות

URL: https://news.walla.co.il/break/3540319
Title: 21:34מקסיקו: עשרות אלפים מחו ברחובות על תוכנית רפורמת הבחירות של הנשיא

URL: https://news.walla.co.il/break/3540311
Title: 20:17זלנסקי: חוקרים חשפו יותר מ-400 פשעי מלחמה שרוסיה ביצעה באזור חרסון

URL: https://bit.ly/3QIYsbr

URL: https://news.walla.co.il/item/3540316

URL: https://news.walla.co.il/item/3540171
Title: התוספת למשפחהאחד יהודי אחד לבנוני: החתנים של דונלד טראמפ

URL: https://e.walla.co.il/item/3540314
Title: "אהרוג אותך!""אשבור לך העצמות": ההסתבכות החדשה של נאור ציון

URL: https://sports.walla.co.il/item/3540317
Title: ריאיון חסר תקדים"יונייטד בגדה בי": רונאלדו תוקף - ולא רק את קבוצתו

URL: https://healthy.walla.co.il/item/3537830
Title: בשיתוף נוברטיס, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית."גם אנשים רזים וצעירים יחסית יכולים לעבור התקף לב"בשיתוף נוברטיס

URL: https://sports.walla.co.il/item/3540249
Title: צפו בתקצירהצגה: חמישייה למכבי חיפה מול הפועל ת"א, אצילי כיכב

URL: https://e.walla.co.il/item/3540301
Title: "גאה שאני יהודיה"נועה קירל במחאה אופנתית נגד האנטישמיות וקניה ווסט

URL: https://celebs.walla.co.il/item/3540146
Title: מתגפפיםמי צ'יקו לטינו: פבלו רוזנברג והחברה מאוהבים

URL: https://tmirecycle.walla.co.il/item/3518707
Title: בשיתוף תאגיד המיחזור תמיר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בלי להתבלבל: כך סימון קטן אחד צפוי לחולל שינוי גדולבשיתוף תאגיד המיחזור תמיר

URL: https://e.walla.co.il/item/3539776
Title: מרגש: צפו במשי ונועם קלינשטיין מפתיעות את אבא רמיוואלה! תרבות

URL: https://finance.walla.co.il/item/3539138
Title: הקמעונאים הבטיחו שלא יעלו מחירים - ושיקרוליאת רון

URL: https://healthy.walla.co.il/item/3538788
Title: 411 ימי גיהינום: האיש שלא החלים מקורונהמערכת וואלה! בריאות

URL: https://tld.walla.co.il/item/3477072?lm_supplier=16893&lm_bc=9701
Title: רבקה זיידה: ״השיטה שלנו לטיפול באקנה עזרה כבר ל-50 אלף איש״מוגש טעם מעבדות רבקה זיידה

URL: https://www.outbrain.com/what-is/default/he

URL: https://news.walla.co.il/item/3540241
Title: הפיגוע בטורקיה: המחבלת הניחה מטען על ספסל דקות לפני הפיצוץ

URL: https://news.walla.co.il/item/3540239
Title: סמוטריץ' נפגש עם רבני הציונות הדתית; דרעי: "זה לא תרגיל"

URL: https://news.walla.co.il/item/3540309
Title: עם קריוקי במעגלי ריקודים: צפו בבכירי הליכוד חוגגים בבת ים

URL: https://news.walla.co.il/item/3540226
Title: משפחת המתלוננת נגד הרב טאו: "יודעים על נפגעות נוספות"

URL: https://news.walla.co.il/item/3540220
Title: שבוע למונדיאל: "מהגרי העבודה בקטאר סובלים מעבדות מודרנית"

URL: https://news.walla.co.il/item/3540075
Title: שומרים על רוב בסנאט: הדמוקרטים ניצחו במושב הנכסף בנבאדה

URL: https://news.walla.co.il/category/5108
Title: אסור לפספס

URL: https://e.walla.co.il/item/3539733
Title: לאן נעלמה מי שהייתה אליזבת, החברה של רוס ב"חברים"?

URL: https://healthy.walla.co.il/item/3538713
Title: "יש לי 11 ילדים משמונה גברים ואני לא מתנצלת"

URL: https://tld.walla.co.il/item/3373407?lm_supplier=16893&lm_bc=18422
Title: מוגש מטעם "גברא", הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.המין לא מספק? כך תשפרו ביצועים בהנחה בלעדיתמוגש מטעם "גברא"

URL: https://sports.walla.co.il/item/3540038
Title: התמונות ה"מיניות" הפכו את המתעמלת למיליונרית

URL: https://sports.walla.co.il/item/3540310
Title: בכר מתמוגג וטוען: "אצילי קיבל החלטה נכונה עם הנבחרת"

URL: https://sports.walla.co.il/item/3540001
Title: צפו בדרמה הגדולה: ילד הפלא הציל את מנצ'סטר יונייטד

URL: https://sport1.maariv.co.il/square/article/988133/
Title: "בגידה"? האקסית תפסה ספורטאי ששווה 400 מיליון

URL: https://sports.walla.co.il/item/3498345
Title: לוח שידורי מונדיאל 2022 - היכן ישודרו כל המשחקים?

URL: https://sports.walla.co.il/item/3540082
Title: צפו ברגע המחלוקת: "לא ברור איך השער של זהבי לא אושר"

URL: https://tld.walla.co.il/item/3522160
Title: מוגש מטעם בי קיור לייזר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.פחות קמטים אחרי שימוש אחד: מכשיר לטיפול ביתי רפואי-קוסמטימוגש מטעם בי קיור לייזר

URL: https://tld.walla.co.il/item/3373407?lm_supplier=16893&lm_bc=9857
Title: מוגש מטעם "גברא", הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הסוד לשיפור חיי המין שלכם – כעת במבצע מיוחדמוגש מטעם "גברא"

URL: https://tld.walla.co.il/item/3512046
Title: מוגש מטעם בי קיור לייזר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מהפכה: בינה מלאכותית וטכנולוגיית RF בטיפולי הפניםמוגש מטעם בי קיור לייזר

URL: https://tld.walla.co.il/item/3538505?lm_supplier=16893&lm_bc=9857
Title: מוגש מטעם אפוסתרפיה, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.כך נראים החיים עם ובלי כאבים בברכיים (והסוד לפתרון)מוגש מטעם אפוסתרפיה

URL: https://fantasy-sport1.walla.co.il/?utm_source=WallaDesktop&utm_medium=bannerHP&utm_campaign=RM_WallaSport

URL: https://e.walla.co.il/item/3540193
Title: מה בעצם מניע את נתניהו? יש לזה יותר מתשובה אחת

URL: https://e.walla.co.il/item/3540065
Title: בעקבות מחלתה: כוכבת "נשואים פלוס" בהודעה דרמטית

URL: https://paisculture.walla.co.il/item/3523004
Title: בשיתוף מפעל הפיס, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הראל סקעת החליט לחפש את עצמו בגוגל. אפילו הוא הופתע מהתוצאותבשיתוף מפעל הפיס

URL: https://law.walla.co.il/item/3537099
Title: בשיתוף zap משפטי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.נפגעתם בתאונה? כל מה שחשוב לדעת לפני הגשת תביעהבשיתוף zap משפטי

URL: https://law.walla.co.il/item/3537659
Title: בשיתוף zap משפטי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.כיצד תוכלו להתנגד לצוואה ולהביא לפסילתה? מדריךבשיתוף zap משפטי

URL: https://law.walla.co.il/item/3537929
Title: בשיתוף zap משפטי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.ייתכן שזו ההזדמנות האחרונה שלכם לקבל אזרחות רומניתבשיתוף zap משפטי

URL: https://tmirecycle.walla.co.il/item/3437487
Title: בשיתוף תמיר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מנפצים מיתוסים: האם באמת כל כך קשה להתחיל להפריד אשפה?בשיתוף תמיר

URL: https://judaism.walla.co.il/item/3538791
Title: מוגש מטעם שובה ישראל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הילולת רחל אמנו: ההשפעה הגדולה לדורי דורותמוגש מטעם שובה ישראל

URL: https://flu.walla.co.il/item/3536814
Title: בשיתוף אסטרהזניקה, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית."את באמת ציפי שביט?": מה הוביל את הכוכבת להטריד עוברי אורח באמצע הרחוב?בשיתוף אסטרהזניקה

URL: https://friends-hist.walla.co.il/item/3536455
Title: בשיתוף FRIENDS, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.גידי גוב, חוה אלברשטיין ואדיר מילר: אירועי החורף של FRIENDSבשיתוף FRIENDS

URL: https://news.walla.co.il/item/3539926?nativeplayer=1&obOrigUrl=true
Title: הכירו את פוסידון: רוסיה ביצעה ניסוי בנשק "יום הדין" - ונכשלה חדשות

URL: https://www.golantelecom.co.il/offers?utm_source=outbrain&utm_medium=native_ad&utm_campaign=nov22&obOrigUrl=true
Title: ב-139 ₪ לחודש: חבילת 5G משפחתית ומשתלמת בגולן גולן טלקום | ממומן

URL: https://b.walla.co.il/item/3539769?obOrigUrl=true
Title: איילת שקד תחליף את ביסמוט ב"אולפן שישי"? ברנז׳ה

URL: https://subtext-academy.co.il/%d7%9e%d7%94-%d7%94%d7%a7%d7%a9%d7%a8-%d7%91%d7%99%d7%9f-%d7%a9%d7%a4%d7%aa-%d7%92%d7%95%d7%a3-%d7%9c%d7%91%d7%99%d7%98%d7%97%d7%95%d7%9f-%d7%a2%d7%a6%d7%9e%d7%99/?channelID=78862&mt=RE&ga1=1&obOrigUrl=true
Title: האם שפת הגוף יכולה לשנות את מה שאנו מרגישים כלפי עצמנו סאבטקסט - האקדמיה לשפת גוף | ממומן

URL: https://experis.co.il/kickstart/?utm_source=walla&utm_medium=circle&utm_content=hitech_career_change
Title: הסבה להייטק

URL: https://www.manpower.co.il/?utm_source=walla&utm_medium=circle&utm_content=job_search
Title: עבודה בהייטק

URL: https://jobs.experis.co.il/?utm_source=walla&utm_medium=circle&utm_content=hitech_job
Title: חיפוש עבודה

URL: https://finance.walla.co.il/item/3539802
Title: אחת ולתמיד: כמה מרוויח שליח של Wolt?

URL: https://finance.walla.co.il/item/3539616
Title: מונדיאל 2022: כמה יעלה לנו לארח את המשחקים בבית?

URL: https://finance.walla.co.il/item/3539985
Title: טירוף טוויטר: שילם 8 דולר - והפיל ערך מניה ב-13 מיליארד דולר

URL: https://finance.walla.co.il/item/3539047
Title: בשיתוף eBay, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית."השוק הישראלי - מהגדולים בשווקים המתפתחים ב-eBay"בשיתוף eBay

URL: https://nadlan.walla.co.il/item/3539920
Title: וכמה שווה הדירה שלך? עסקאות הנדל"ן של השבוע

URL: https://nadlan.walla.co.il/item/3539772
Title: מומחים ממליצים: כך הממשלה תפתור את משבר הדיור

URL: https://mekomi.walla.co.il/item/3532760
Title: בשיתוף עיריית גבעתיים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הופעות, אוכל רחוב והרבה יין: ביקרנו בפסטיבל הצבעוני של גבעתייםבשיתוף עיריית גבעתיים

URL: https://celebs.walla.co.il/item/3540250
Title: אייל גולן: "אני לא זוכר איך קוראים לילדים שלי"

URL: https://celebs.walla.co.il/item/3540133
Title: לפני מותו: צביקה פיק הרחיק את שירה מנור מביתו

URL: https://celebs.walla.co.il/item/3538846
Title: אסלה חגיגית וגולגולת: הרכישות המוזרות של הסלבס

URL: https://now.walla.co.il/item/3532575
Title: איך המרגש? תפוח ב...

URL: https://now.walla.co.il/item/3532570
Title: מה תאחלו לעצמכם לשנה החדשה?

URL: https://www.manpower.co.il/?utm_source=walla&utm_medium=content&utm_campaign=jobs_search_new

URL: https://healthy.walla.co.il/item/3539101
Title: מצוננים? לא תאמינו מה קצת קינמון ודבש יכולים לעשות

URL: https://healthy.walla.co.il/item/3537005
Title: איך אפשר להיפטר ממחשבות טורדניות? יש לנו תשובה

URL: https://healthy.walla.co.il/item/3538864
Title: ארוחת הבוקר הבריאה הזאת תשאיר אתכם שבעים כל היום

URL: https://healthy.walla.co.il/item/3538475
Title: למה גברים מגרבצים? מומחים מנסים לענות על השאלה

URL: https://healthy.walla.co.il/item/3536414
Title: כך תחיו עם הפער בין ההורה שרציתם לההורה שאתם באמת

URL: https://healthy.walla.co.il/item/3194322
Title: הילד מנוזל? מה באמת יכול לעזור - ומה ממש אסור לעשות

URL: https://e.walla.co.il/category/12992

URL: https://e.walla.co.il/item/3540162
Title: הסדרה החדשה והעבודה עם השחקניות הגדולות: גורי אלפי בריאיון

URL: https://e.walla.co.il/item/3540121
Title: "כשזה קורה אתה מפסיק לנשום": מה גרם למתמודדת משחקי השף להילחץ?

URL: https://e.walla.co.il/item/3540125
Title: אבודים | "למה אין אזכור לילדה בת שנתיים שאף אחד לא יודע איפה היא?"

URL: https://e.walla.co.il/item/3539564
Title: פרשת צייד הפדופילים: "כולם קיבלו תחושה במהלך החקירה שהם לא הסיפור"

URL: https://food.walla.co.il/recipe/641210
Title: מתכון לפנקייק

URL: https://food.walla.co.il/recipes
Title: מתכונים

URL: https://food.walla.co.il/item/3476843
Title: מתכוני מרקים

URL: https://food.walla.co.il/item/3538879
Title: נסיעה קצרה, ותגלו את אחד ההמבורגרים הכי כיפיים בישראל

URL: https://food.walla.co.il/item/2987393
Title: "לא עוד פעם חביתה וקוטג'!" פשטידה שילדים אוהבים

URL: https://food.walla.co.il/item/2982933
Title: מה קורה כשמפגישים בצק אנגלי פריך עם ממרח תמרים לבנטיני?

URL: https://food.walla.co.il/item/3439436
Title: הטורקי, העיראקי וזה שהכי קל להכין: 7 בורקסים מופלאים

URL: https://career.walla.co.il/item/3536808
Title: בשיתוף ManpowerGroup, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הרשת הפרטית שלך למציאת עבודהבשיתוף ManpowerGroup

URL: https://career.walla.co.il/item/3528833
Title: בשיתוף Manpower, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מתי צריך לשנמך את קורות החיים וכיצד לעשות את זה?בשיתוף Manpower

URL: https://career.walla.co.il/item/3528831
Title: בשיתוף Manpower, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.עד כמה היציבות התעסוקתית עדיין משחקת תפקיד בשוק העבודה?בשיתוף Manpower

URL: https://fashion.walla.co.il/item/3540245
Title: חמישה לוקים בולטים ומרשימים שתפסו לנו את העין

URL: https://fashion.walla.co.il/item/3540167
Title: בטוחות שהשאנל שלכן מקורי? יצאנו לבדוק בשבילכן

URL: https://fashion.walla.co.il/item/3539814
Title: הכוכבות עושות קאמבק לטרנד מגפי הירך

URL: https://fashion.walla.co.il/item/3539364
Title: המדריך למציאת הג'ינס המושלם

URL: https://www.sheee.co.il/item/3540183
Title: מישלן או מקריפ? זה מה שבחורה בת 23 רוצה מגבר בן 44

URL: https://www.sheee.co.il/item/3537524
Title: מחקר מדאיג: גברים רבים רואים בבובות מין "פרטנר רומנטי אידיאלי"

URL: https://travel.walla.co.il/item/3540091
Title: בעד או נגד? פתח רגליים כל הטיסה ו"פלש" למרחב של הנוסעת שלידו

URL: https://travel.walla.co.il/item/3540096
Title: בריטיש איירווייז: דיילים יוכלו להתאפר וללבוש חצאית

URL: https://travel.walla.co.il/item/3539553
Title: "אני חולמת שיביאו את אלי לקבורה לפני שאעצום את עיניי"

URL: https://travel.walla.co.il/item/3538851
Title: מספרד לישראל ברגל: תיירת הלכה לפה 6,000 ק"מ במשך שנה

URL: https://tmirecycle.walla.co.il/item/3473082
Title: בשיתוף תמיר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.למה עודד מנשה ועדן הראל נראו על משאית אשפה?בשיתוף תמיר

URL: https://tmirecycle.walla.co.il/item/3436119
Title: בשיתוף תמיר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.החוויה באוסטרליה שגרמה ליעל גולדמן להפוך ל"כתומה"בשיתוף תמיר

URL: https://tmirecycle.walla.co.il/item/3433567
Title: בשיתוף תמיר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.למה מי-רן מנקס לא קונה בגדים חדשים (חוץ מהלבשה תחתונה)?בשיתוף תמיר

URL: https://tech.walla.co.il/item/3540205
Title: "היה יותר טוב לפניך": כשסטיבן קינג ייבש את מאסק

URL: https://tech.walla.co.il/item/3539968
Title: הביזיון הגדול: טוויטר יצאה משליטה, הרשת משתוללת

URL: https://tech.walla.co.il/item/3539652
Title: בדקנו אוזניות עם סוללה שלא נגמרת. ומה מצב האיכות?

URL: https://tech.walla.co.il/item/3538606
Title: נוסעת בזמן? ההסבר ל"טלפון הסלולרי" מ- 1938

URL: https://tech.walla.co.il/item/3539322
Title: חדשות טובות: החור באוזון ממשיך להתכווץ

URL: https://tech.walla.co.il/item/3538930
Title: גרים על מאדים: נמצאו אתרי מגורים אפשריים על הכוכב האדום

URL: https://marketing.walla.co.il/item/3540136
Title: האם הממשלה החדשה ערוכה לסופה דיגיטלית?

URL: https://marketing.walla.co.il/item/3539700
Title: איך למטב תקציבי שיווק שנחתכו בין לילה

URL: https://b.walla.co.il/item/3540262
Title: "מתפלל שכמה ממניחי התפילין יקשרו עצמם עם התפילין בגרון"

URL: https://b.walla.co.il/item/3540180
Title: סופ"ש של פורענות: הבחירות הסתיימו, הפייק עדיין כאן

URL: https://gaming.walla.co.il/item/3539934
Title: המדבבת שנתפסה בשקר ודפקה לעצמה את הקריירה בתעשייה

URL: https://gaming.walla.co.il/item/3539960
Title: רשמי: המשחק Control 2 בשלבי פיתוח

URL: https://gaming.walla.co.il/item/3539939
Title: מפלצת ביצועים: הביקורת ל-Asus ROG 6

URL: https://gaming.walla.co.il/item/3539780
Title: הבלאגן בטוויטר: GTA 6 ומריו עושה אצבע משולשת

URL: https://horoscope.walla.co.il/item/3540144
Title: הורוסקופ שבועי: 13-19 בנובמבר 2022

URL: https://horoscope.walla.co.il/item/3539143
Title: מגרש שדים: "השטן הרס את משפחתי וניסה להרוג אותי"

URL: https://horoscope.walla.co.il/item/3538908
Title: כך תגלו מי לעולם לא ישקר לכם - לפי המזל שלו

URL: https://home.walla.co.il/item/3539374
Title: סיפחה מחסן, דיגמה את המטבח: מהפך מטורף לדירה במרכז

URL: https://home.walla.co.il/item/3539136
Title: על חורבותיך: במקום שיפוץ של פשרות, הם הרסו ובנו מחדש

URL: https://home.walla.co.il/item/3539521
Title: טריק ניקיון הספה המדהים עם 3 פריטים שמסיר כל כתם

URL: https://home.walla.co.il/item/3539279
Title: טיפ רותח: פריט מושלם לכל סלון במחיר הכי זול שראינו

URL: https://vod.walla.co.il/tvshow/3448412
Title: VODבעלת החלומות

URL: https://vod.walla.co.il/
Title: VOD

URL: https://vod.walla.co.il/movie/3345256
Title: VODבשם הבת

URL: https://vod.walla.co.il/movie/2878828
Title: VODיקירי

URL: https://vod.walla.co.il/tvshow/3433108
Title: VODאופוריה

URL: https://vod.walla.co.il/movie/2819078
Title: VODמסי - הדוקומנטרי

URL: https://judaism.walla.co.il/item/3540264
Title: מוגש מטעם שובה ישראל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.שידור חי • ישיר ממרוקו: שיעורו של הרב פינטומוגש מטעם שובה ישראל

URL: https://judaism.walla.co.il/item/3540199
Title: מוגש מטעם שובה ישראל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.התמונה המרגשת של החייל שנרצח: "מסר את חייו"מוגש מטעם שובה ישראל

URL: https://judaism.walla.co.il/item/3540209
Title: בעקבות המצב הביטחוני: הדירה ברובע היהודי עזובה

URL: https://cars.walla.co.il/item/3540300
Title: צפו: הטסלה מאיצה, דוהרת, דורסת ומתרסקת

URL: https://cars.walla.co.il/item/3540269
Title: נבחר האזור בארץ שיקבל 80 מיליון שקל לבטיחות

URL: https://cars.walla.co.il/item/3540305
Title: ב.מ.וו סדרה 3 בישראל: פחות ביותר?

URL: https://cars.walla.co.il/item/3540105
Title: תפסנו את מיני-ואן העל הסיני בניסויים בישראל

URL: https://havazingboimworld.walla.co.il/
Title: חווה זינגבויים

URL: https://havazingboimworld.walla.co.il/item/3539514
Title: בשיתוף חוה זינגבוים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.המוצר שישנה לך את שגרת הטיפול: כך תבחרי את הפילינג הנכון עבורךבשיתוף חוה זינגבוים

URL: https://havazingboimworld.walla.co.il/item/3531663
Title: בשיתוף חוה זינגבוים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.שיקום העור אחרי הקיץ: הדרך לעור פנים בריא וקורן כל השנהבשיתוף חוה זינגבוים

URL: https://havazingboimworld.walla.co.il/item/3531431
Title: בשיתוף חוה זינגבוים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.עור שמן, עור אקנתי או גם וגם? הטיפול המתאים ביותר לעור הפנים שלךבשיתוף חוה זינגבוים

URL: https://tld.walla.co.il/item/3532805?lm_supplier=16893&lm_bc=9857
Title: מוגש מטעם Visa to America, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.יש דרך קלה וחוקית לקבל גרין קארד או ויזה לארה"במוגש מטעם Visa to America

URL: https://tld.walla.co.il/item/3531749
Title: מוגש מטעם weshow, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.כולם מדברים עליה… אחת הנשים היותר מוערכות בעולם הביוטימוגש מטעם weshow

URL: https://tld.walla.co.il/item/3533933
Title: מוגש מטעם weshow, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.רגע לפני שעוברים קבלו טיפים מהמומחים של "עומר הובלות"מוגש מטעם weshow

URL: https://tld.walla.co.il/item/3533958
Title: מוגש מטעם weshow, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הדרך למשכנתא בתנאים טובים למגזר הערבי, הדרוזי והצ'רקסימוגש מטעם weshow

URL: https://havazingboimworld.walla.co.il/item/3536429
Title: אקנה בגיל מבוגר? הגורמים ושגרת הטיפול שבאמת עובדתבשיתוף חוה זינגבוים

URL: https://milucca.walla.co.il/item/3533257
Title: בשיתוף MILUCCA, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.המייקאפ שאתן פשוט חייבות להכירבשיתוף MILUCCA

URL: https://sanofi.walla.co.il/item/3533935
Title: בשיתוף סאנופי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.זו אחת החוויות הקשות עבור חולי סוכרת. איך מתמודדים איתה?בשיתוף סאנופי

URL: https://healthy.walla.co.il/item/3537244
Title: בשיתוף כללית אסתטיקה, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הרשימה בפנים: מה שחשוב לבדוק לפני טיפול או ניתוח אסתטי?בשיתוף כללית אסתטיקה

URL: https://mazaltov.walla.co.il/article/archive/8177/?utm_source=walla_news&utm_campaign=merkaz
Title: חזר למסלול: הקאמבק של דני מזרחי

URL: https://mazaltov.walla.co.il/article/event-place/8181/#utm_source=walla_news&utm_campaign=merkaz
Title: עיצוב אירופאי, קסם ישראלי: הכירו את סיה

URL: https://mazaltov.walla.co.il/article/makeup-guide/8158/?fbclid=IwAR2x5jOxJEXJfRXFn4w4jW_l9vT2jKLXt86sI-r3F9WaZVOGBTmAhL3QdZA#utm_source=walla_news&utm_campaign=merkaz
Title: מאחורי הגלאם: ראם שרביט חושף את הסוד הגדול על חייו

URL: https://fun.walla.co.il/game/3167792
Title: באבלס הקול בראש

URL: https://fun.walla.co.il/game/3451219
Title: 8 קלף חזק

URL: https://fun.walla.co.il/game/3363397
Title: שש בש קלאסי

URL: https://fun.walla.co.il/game/3459415
Title: 10 על 10 קלאסי

URL: https://fun.walla.co.il/item/3321998
Title: פרוט נינג'ה

URL: https://fun.walla.co.il/game/3348002
Title: אליפות העולם למצוירים

URL: https://milucca.walla.co.il/item/3525105
Title: הגיע הזמן: כך תבחרי מייקאפ חדשבשיתוף מילוקה

URL: https://travel.walla.co.il/item/3537915
Title: בשיתוף פגסוס, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.אופנועי שלג, סנטה ודייג בקרח: האטרקציות שאסור לפספס בספארי חורף בלפלנדבשיתוף פגסוס

URL: https://tmirecycle.walla.co.il/item/3473255
Title: בשיתוף תמיר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.איך גורמים לילדים להתחיל למחזר? בעזרת טיפים ורעיונות מקורייםבשיתוף תמיר

URL: https://sanofi.walla.co.il/item/3529074
Title: בשיתוף סאנופי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.כיצד הפך האינסולין לאחת התרופות הנפוצות והמוכרות בעולם?בשיתוף סאנופי

URL: http://www.enaim.co.il/
Title: הסרת משקפיים

URL: http://dominos.walla.co.il/?utm_source=Walla&utm_medium=Cooperation&utm_campaign=ongoing&utm_content=more_online
Title: פיצה אונליין

URL: https://www.b144.co.il/%D7%A4%D7%A8%D7%97%D7%99%D7%9D/%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%99%D7%A4%D7%95/?&sitecode=10&subsitecode=1400&site=walla&d=1
Title: כל חנויות הפרחים

URL: https://www.b144.co.il/%D7%97%D7%A9%D7%9E%D7%9C%D7%90%D7%99%D7%9D/%D7%97%D7%A9%D7%9E%D7%9C%D7%90%D7%99%D7%9D-24-%D7%A9%D7%A2%D7%95%D7%AA/%D7%90%D7%96%D7%95%D7%A8-%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%95%D7%94%D7%9E%D7%A8%D7%9B%D7%96/?&sitecode=10&subsitecode=1402&site=walla&d=1
Title: חשמלאים

URL: https://www.kamaze.co.il/
Title: השוואת מחירים

URL: https://www.b144.co.il/%D7%A0%D7%93%D7%9C%D7%9F/%D7%AA%D7%99%D7%95%D7%95%D7%9A/%D7%90%D7%96%D7%95%D7%A8-%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%95%D7%94%D7%9E%D7%A8%D7%9B%D7%96/?&sitecode=10&subsitecode=1403&site=walla&d=1
Title: תיווך

URL: https://www.wallashops.co.il/?utm_source=walla&utm_medium=wallahp2&utm_campaign=hpnemalawallashops_2
Title: וואלה שופס

URL: https://www.seolinks.co.il/
Title: קידום אתרים

URL: https://hayoetzet.co.il/
Title: מציאת רופא מומלץ

URL: https://www.wallashops.co.il/%D7%94%D7%9E%D7%95%D7%A6%D7%A8%D7%99%D7%9D-%D7%94%D7%A0%D7%9E%D7%9B%D7%A8%D7%99%D7%9D-%D7%91%D7%99%D7%95%D7%AA%D7%A8#intref=HP-DealCubes&meta=%D7%94%D7%A0%D7%9E%D7%9B%D7%A8%D7%99%D7%9D-%D7%91%D7%99%D7%95%D7%AA%D7%A8?utm_source=walla&utm_medium=wallahp2&utm_campaign=hpnemalasale_2
Title: מבצעים

URL: https://www.leumi.co.il/Campaign/loan_all_clients/47071/
Title: הלוואה לכל מטרה

URL: https://www.sugat.com/all-recipes/
Title: מתכונים מנצחים

URL: https://www.wallashops.co.il/%D7%93%D7%99%D7%9C-%D7%99%D7%95%D7%9E%D7%99?utm_source=walla&utm_mediumhp2=walla&utm_campaign=hpnemaladeal_2
Title: דיל יומי

URL: http://m.onelink.me/b3fbc033
Title: חדשות בזמן אמת

URL: https://www.wallaprint.co.il/?utm_source=WALLA&utm_medium=textSEO&utm_campaign=odBAinternet
Title: וואלה! פרינט

URL: http://pricelist.yad2.co.il/
Title: מחירון רכב

URL: http://www.yad2.co.il/Nadlan/sales.php
Title: דירות למכירה

URL: http://www.yad2.co.il/Nadlan/rent.php
Title: דירות להשכרה

URL: https://yoram.walla.co.il/mivdak?utm_source=wallacampaign
Title: המבדק של יורם

URL: http://www.oref.org.il/11093-he/Pakar.aspx
Title: פיקוד העורף

URL: https://news.walla.co.il/category/1
Title: חדשות בארץ

URL: https://bama.bio/b2b
Title: הבמה שלך באינטרנט

URL: https://www.maariv.co.il/jewishism/shabat-times
Title: כניסת שבת

URL: https://www.hamal.co.il/
Title: חמ"ל

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://walla.com/ HTTP 301
https://walla.com/ HTTP 301
https://www.walla.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 158

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/94b2f7f0d1ed9d1c82d85eabfe3cf3ec?gdpr_consent=&gdpr=0

Request Chain 160

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Jsxj7W0eTQ1MjfxOU1NK?pi=smilewanted&tc=1

Request Chain 161

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=71f50e5fc66713a52716e1e4731ef6bc

Request Chain 163

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

Request Chain 165

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/improve/6c66fe50-aaf9-4255-8c28-9847464f3b67&partner_id=1010

Request Chain 170

https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y3F1H90V5uXLOufgSEsR6AAA%265180

Request Chain 193

https://c1.adform.net/serving/cookie/match?party=14&cid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&gdpr=0&gdpr_consent=

Request Chain 194

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5f586371-751f-4700-b071-b7376e7f8aae&gdpr=0&gdpr_consent=

Request Chain 195

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3573948873620605900

Request Chain 197

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 198

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9042649650226842289&gdpr=0&gdpr_consent=

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=44vWK1tTRa-dLIlPaP3cFg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 201

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dd186371-7520-4900-bc44-d252a733e65b

Request Chain 202

https://pixel.onaudience.com/?partner=214&mapped=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0 HTTP 302
https://pixel.onaudience.com/?partner=68&icm&cver&mapped=9079230091351378520&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b5caa1cfaef14769/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTM4QkQ2MkItNUI1My00NUFGLTlEMkMtODk0RjY4RkREQzE2&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ7NUzoCxN9TuYNZ5WxRHmg&google_cver=1

Request Chain 206

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9079230091351378520

Request Chain 211

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cver=1&google_push=ASkJ3FZCZRPf2Xso8UQnYxJr86cjcjPCSZ5ZydJZUmPicB4jryV3dA9L0tm2-hNRwX9YIs2Q9TSdvqKYRyrz-_W211JPMUy9pQO2CA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cver=1&google_push=ASkJ3FZCZRPf2Xso8UQnYxJr86cjcjPCSZ5ZydJZUmPicB4jryV3dA9L0tm2-hNRwX9YIs2Q9TSdvqKYRyrz-_W211JPMUy9pQO2CA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UHAyWG9uQ2ExT1VsUE41&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cver=1&google_push=ASkJ3FZCZRPf2Xso8UQnYxJr86cjcjPCSZ5ZydJZUmPicB4jryV3dA9L0tm2-hNRwX9YIs2Q9TSdvqKYRyrz-_W211JPMUy9pQO2CA

Request Chain 212

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEG3N7DsesKou4RjzgaRgreA&google_cver=1&google_push=ASkJ3FZHX05Pm93x5bUEZ4_l_pEYWkc3_VDfMVVmrb8ayRyXbqfDn2b2iKWsTkmHRunF3llnr-IPhRW2v393OTmCPexsi9WbzOBW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEG3N7DsesKou4RjzgaRgreA&google_push=ASkJ3FZHX05Pm93x5bUEZ4_l_pEYWkc3_VDfMVVmrb8ayRyXbqfDn2b2iKWsTkmHRunF3llnr-IPhRW2v393OTmCPexsi9WbzOBW

Request Chain 214

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBfttD2qHBHItajdJw3CBVE&google_cver=1&google_push=ASkJ3Fae9ZUHHSRGQRd7VCXHWpMTJqwO5TXAXVCva9VjEfYOPw6x0EfVcsnvZS-dWLWPUwDivKyvHB9xwnomtP5QDO4yIuMkbYYvIg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWUM0STAtSS1DQ1JZ&google_push=ASkJ3Fae9ZUHHSRGQRd7VCXHWpMTJqwO5TXAXVCva9VjEfYOPw6x0EfVcsnvZS-dWLWPUwDivKyvHB9xwnomtP5QDO4yIuMkbYYvIg

Request Chain 215

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIM_yHpKEKKKPw9HlsZ_-QY&google_cver=1&google_push=ASkJ3FZJ98cRTiB2dntTaSyLc2pOHJJRd_Y1mhlOv9C0aWrvKgYMSkFXIP4tHs7RlFUFlJzpddxOUOLncrXyBpQ0rbL99ho6-rjwtQ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FZJ98cRTiB2dntTaSyLc2pOHJJRd_Y1mhlOv9C0aWrvKgYMSkFXIP4tHs7RlFUFlJzpddxOUOLncrXyBpQ0rbL99ho6-rjwtQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1668379935411 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-bd82da4f-54b3-4868-a331-5cef20af8294-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FZJ98cRTiB2dntTaSyLc2pOHJJRd_Y1mhlOv9C0aWrvKgYMSkFXIP4tHs7RlFUFlJzpddxOUOLncrXyBpQ0rbL99ho6-rjwtQ%26google_hm%3DA72C2k9Us0hoozFc7yCvgpQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FZJ98cRTiB2dntTaSyLc2pOHJJRd_Y1mhlOv9C0aWrvKgYMSkFXIP4tHs7RlFUFlJzpddxOUOLncrXyBpQ0rbL99ho6-rjwtQ&google_hm=A72C2k9Us0hoozFc7yCvgpQ

Request Chain 218

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEG3N7DsesKou4RjzgaRgreA&google_cver=1&google_push=ASkJ3FbPMlN3ZZDWS7dFutbd_8EXZ7VqbpDkLcd0jLmPktoaw1fhYXGYl3WPOMDPUFQCLnrtJJIV4O__dWEdYpC78bWGOqBgDubMQA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEG3N7DsesKou4RjzgaRgreA&google_push=ASkJ3FbPMlN3ZZDWS7dFutbd_8EXZ7VqbpDkLcd0jLmPktoaw1fhYXGYl3WPOMDPUFQCLnrtJJIV4O__dWEdYpC78bWGOqBgDubMQA

Request Chain 220

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKyiIVj6CghE5io5Sber-34&google_cver=1&google_push=ASkJ3Fb2G5KEWyW-OXq0NxUQDMBBL1JdtBseaxnKuQFVrKps1GwX4sSUS9n4O1AfAPt69UvdALitnKHb3Sq6S1BVNega7ILe8Qeh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=44vWK1tTRa-dLIlPaP3cFg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Fb2G5KEWyW-OXq0NxUQDMBBL1JdtBseaxnKuQFVrKps1GwX4sSUS9n4O1AfAPt69UvdALitnKHb3Sq6S1BVNega7ILe8Qeh

Request Chain 221

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBfttD2qHBHItajdJw3CBVE&google_cver=1&google_push=ASkJ3FboaGm038WMNGNlgaHxtbELD91n9U7d12ujbWhXMPb9GjaNYy1RIpWqqHDEIb2LcnqWT2wT2nRepq1TVuRkTuGsT-03_mqh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWUM0STAtSS1DQ1JZ&google_push=ASkJ3FboaGm038WMNGNlgaHxtbELD91n9U7d12ujbWhXMPb9GjaNYy1RIpWqqHDEIb2LcnqWT2wT2nRepq1TVuRkTuGsT-03_mqh

Request Chain 222

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFNVtrt12G7OXtd3lwKdcJI&google_cver=1&google_push=ASkJ3Fb3wllw2f1fM6qeNscsGJCGoEWZ2YiPAL9cbiOQzSV_zlqwE_RCPRevfgJ3Y3tgNDTGkr63xwYGo7GI9YDgyvgQc_BtXk37 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFNVtrt12G7OXtd3lwKdcJI&google_hm=Y3F1H90V5uXLOufgSEsR6AAAFDwAAAAB&google_nid=index&google_push=ASkJ3Fb3wllw2f1fM6qeNscsGJCGoEWZ2YiPAL9cbiOQzSV_zlqwE_RCPRevfgJ3Y3tgNDTGkr63xwYGo7GI9YDgyvgQc_BtXk37

Request Chain 223

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBDfS_o8r--efTeHc4yeJBw&google_cver=1&google_push=ASkJ3FYyimw36bt6P4whse8XLe5lJdr81b711oKtWnrnma7jESkh8nWbJHYTMHlH1LhLeoNckfgCFkcVX7NxSrxjNwfz5kM0s5u31A HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBDfS_o8r--efTeHc4yeJBw&google_cver=1&google_push=ASkJ3FYyimw36bt6P4whse8XLe5lJdr81b711oKtWnrnma7jESkh8nWbJHYTMHlH1LhLeoNckfgCFkcVX7NxSrxjNwfz5kM0s5u31A&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hRF9pSmtwRTJ1R19NeWFQdGlOM2tkd3NmNXVCSE9lMH5B&google_push=ASkJ3FYyimw36bt6P4whse8XLe5lJdr81b711oKtWnrnma7jESkh8nWbJHYTMHlH1LhLeoNckfgCFkcVX7NxSrxjNwfz5kM0s5u31A

Request Chain 301

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 303

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 308

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 320

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cver=1&google_push=ASkJ3FaNOr__zAS314CjMFOTbjDHp4VLIbmhinoX_Qkof9jwYPCu4o3oOd6p8u1KFVZURY1q0I9XJXx-z4SmZYNchZOQ1IwHqYzo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UHAyWG9uQ2ExT1VsUE41&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cver=1&google_push=ASkJ3FaNOr__zAS314CjMFOTbjDHp4VLIbmhinoX_Qkof9jwYPCu4o3oOd6p8u1KFVZURY1q0I9XJXx-z4SmZYNchZOQ1IwHqYzo

Request Chain 321

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELzFbXX36w9e9XDvtyntylw&google_cver=1&google_push=ASkJ3FYfXbdeEtV9cAQvnScgt2vwiFDhN7JQwzqPT8XUeVNljqw4Rowomt2o6JrU4zN4j2pcILetk4Ntw0LnOlMkO3rUgHH0B7vF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=X1hjcXUfRwCwcbc3bn-Krg&google_push=ASkJ3FYfXbdeEtV9cAQvnScgt2vwiFDhN7JQwzqPT8XUeVNljqw4Rowomt2o6JrU4zN4j2pcILetk4Ntw0LnOlMkO3rUgHH0B7vF

Request Chain 322

https://um.simpli.fi/gp_match?google_gid=CAESEGrOe2KLv5-FCAuOn6tyA8A&google_cver=1&google_push=ASkJ3FZEGnzitqMsPxaD6xs-HAxwmRHSJYWEIMN4cN1t2hkUNeWCaP5NRNqMYFQVsMQRLSzXj--xW62haXkH0U-5pYdd1NrCR0k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B88845C29BB4067A8FE0B6B3053AA53&google_push=ASkJ3FZEGnzitqMsPxaD6xs-HAxwmRHSJYWEIMN4cN1t2hkUNeWCaP5NRNqMYFQVsMQRLSzXj--xW62haXkH0U-5pYdd1NrCR0k

Request Chain 324

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECVjAJ7-fSuEtr4aq0XFYMo&google_cver=1&google_push=ASkJ3FahP7OCbJigbWY0gMX5rISX1fYM99TKXzmaOT5hndJgENl43AItygTPg7ltZ1tbXGWrCQ_J6keFWpMSFDJr_6Bg81gleiyv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NTYzNzI2MjQyNTU4NTgwOA%3D%3D&google_push=ASkJ3FahP7OCbJigbWY0gMX5rISX1fYM99TKXzmaOT5hndJgENl43AItygTPg7ltZ1tbXGWrCQ_J6keFWpMSFDJr_6Bg81gleiyv

Request Chain 325

https://ads.travelaudience.com/google_pixel?google_gid=CAESECzRnN0RgSdVhD6lAfz4V6I&google_cver=1&google_push=ASkJ3FZ2r9oExEUkEq3UPdR1KZKFi50IKNIZBuhD7iiRsy-mt5lZsS6a3LTuj_TbSfq4lpjaw-GSC7l2IFDDsXWll7Y-0atVvxE HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=O9z-SUuvQcGJVNggll23Ww2&google_push=ASkJ3FZ2r9oExEUkEq3UPdR1KZKFi50IKNIZBuhD7iiRsy-mt5lZsS6a3LTuj_TbSfq4lpjaw-GSC7l2IFDDsXWll7Y-0atVvxE

Request Chain 326

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECsch3FSuF6ONTbVNKOWMSg&google_cver=1&google_push=ASkJ3FbbHVvwgOjb6lzBP8C_HJX1X6qwK8uCRT7mtmAJxixtsyriSPECf12rwDjuR0z6tOIPTpbIQtHXMd-fovKpXchyaBcYGgh9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA3OTIzMDA5MTM1MTM3ODUyMA&google_push=ASkJ3FbbHVvwgOjb6lzBP8C_HJX1X6qwK8uCRT7mtmAJxixtsyriSPECf12rwDjuR0z6tOIPTpbIQtHXMd-fovKpXchyaBcYGgh9

Request Chain 328

https://um.simpli.fi/gp_match?google_gid=CAESEGrOe2KLv5-FCAuOn6tyA8A&google_cver=1&google_push=ASkJ3Fb5gzBkdQms0AwUPKm375eU5zAQB04fexrglPmjreSZrh4RdJkMxo2hjVwIUUlT5FUkoIgozpQ-ErmW1_6GLXFTqBnA1VBm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B88845C29BB4067A8FE0B6B3053AA53&google_push=ASkJ3Fb5gzBkdQms0AwUPKm375eU5zAQB04fexrglPmjreSZrh4RdJkMxo2hjVwIUUlT5FUkoIgozpQ-ErmW1_6GLXFTqBnA1VBm

Request Chain 330

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECVjAJ7-fSuEtr4aq0XFYMo&google_cver=1&google_push=ASkJ3FYpJyRxAyEp2UbS6eyiSe24Jzb5llVyz066xGv9v49sQGmMC4hzHD3Myf_HpmhAG3EPCZi-Ivl0ykyamDgIFQ5X72zgBIm8DA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NTYzNzI2MjQyNTU4NTgwOA%3D%3D&google_push=ASkJ3FYpJyRxAyEp2UbS6eyiSe24Jzb5llVyz066xGv9v49sQGmMC4hzHD3Myf_HpmhAG3EPCZi-Ivl0ykyamDgIFQ5X72zgBIm8DA

Request Chain 331

https://ads.travelaudience.com/google_pixel?google_gid=CAESECzRnN0RgSdVhD6lAfz4V6I&google_cver=1&google_push=ASkJ3Fanr9eFeNx4B9E9xs4IpYM3inbcCFzrsR9MhRAbNemAy6z9dzABrXZ1kdOx_O2bdkiminPbwpdXM-EGBXB6_SBmwYWOoFLP HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=O9z-SUuvQcGJVNggll23Ww2&google_push=ASkJ3Fanr9eFeNx4B9E9xs4IpYM3inbcCFzrsR9MhRAbNemAy6z9dzABrXZ1kdOx_O2bdkiminPbwpdXM-EGBXB6_SBmwYWOoFLP

Request Chain 332

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELzKtMe2jTJAXTUo5Bz6z9I&google_cver=1&google_push=ASkJ3FYiwg-XTn8XF3U7hsGGUBNU8PXuUctht0aNj-loezTBxx_gMxvtHY1vsPX7W6DHcDcckW_ideuRX5O-TksRwWhnzb4uAzr6hg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELzKtMe2jTJAXTUo5Bz6z9I&google_cver=1&google_push=ASkJ3FYiwg-XTn8XF3U7hsGGUBNU8PXuUctht0aNj-loezTBxx_gMxvtHY1vsPX7W6DHcDcckW_ideuRX5O-TksRwWhnzb4uAzr6hg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYiwg-XTn8XF3U7hsGGUBNU8PXuUctht0aNj-loezTBxx_gMxvtHY1vsPX7W6DHcDcckW_ideuRX5O-TksRwWhnzb4uAzr6hg&google_hm=A82S1kCfSYGxkWpqUpGxjw==

Request Chain 333

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMJ_ejcel56pnAEILohIfNU&google_cver=1&google_push=ASkJ3FYi0ewJcNyN2OdYt9jHZJsE56DEDET0WfwhkEWHiM92VEgM9e7UVKgRb8b7jlJaCS9vmiE-njQdd8ToN8S1d4r2Kdwo2UA_Iw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYi0ewJcNyN2OdYt9jHZJsE56DEDET0WfwhkEWHiM92VEgM9e7UVKgRb8b7jlJaCS9vmiE-njQdd8ToN8S1d4r2Kdwo2UA_Iw&google_hm=NjczODMwMDA5MDIzMzAzNTczMA%3D%3D

Request Chain 334

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECsch3FSuF6ONTbVNKOWMSg&google_cver=1&google_push=ASkJ3Fb0uTMHdYfKsvyfdjN8QUwNDO-AG0QMUez3K9XfXYnk2eJSE8eBpvCJYSgugurfR1VdR8HYExOtV7tt52vrT1PkAzEbbLa7iw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA3OTIzMDA5MTM1MTM3ODUyMA&google_push=ASkJ3Fb0uTMHdYfKsvyfdjN8QUwNDO-AG0QMUez3K9XfXYnk2eJSE8eBpvCJYSgugurfR1VdR8HYExOtV7tt52vrT1PkAzEbbLa7iw

Request Chain 338

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cver=1&google_push=ASkJ3Fbeke7XfeN6F4PumBMeyrj5D7UY7a6PLvZcZGX7QY7uS_0Koi_Z6ZdiE4s2OZl0kmllM1f6LMaHnD8Mke-GHsuL8GbgEaw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UHAyWG9uQ2ExT1VsUE41&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cver=1&google_push=ASkJ3Fbeke7XfeN6F4PumBMeyrj5D7UY7a6PLvZcZGX7QY7uS_0Koi_Z6ZdiE4s2OZl0kmllM1f6LMaHnD8Mke-GHsuL8GbgEaw

Request Chain 339

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELzFbXX36w9e9XDvtyntylw&google_cver=1&google_push=ASkJ3FYkWQ9TiRCZZHPHbbBWd5UUaQDcj_w2XS-31D5IibStRgJG-aTtDfOjLLtHy0du79r6iYWm-gY6pWR8WQ9vTlSiwtJRCihZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=X1hjcXUfRwCwcbc3bn-Krg&google_push=ASkJ3FYkWQ9TiRCZZHPHbbBWd5UUaQDcj_w2XS-31D5IibStRgJG-aTtDfOjLLtHy0du79r6iYWm-gY6pWR8WQ9vTlSiwtJRCihZ

Request Chain 341

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECVjAJ7-fSuEtr4aq0XFYMo&google_cver=1&google_push=ASkJ3FZcb5LWQQqZATsdm-ehiUpFvM7NU3WWijg17Ewe7_AE-P1f90DHWUUB74k-Fa6W_B-JXN2dBe5cTIjpzxzBPrzZr_rEr-M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NTYzNzI2MjQyNTU4NTgwOA%3D%3D&google_push=ASkJ3FZcb5LWQQqZATsdm-ehiUpFvM7NU3WWijg17Ewe7_AE-P1f90DHWUUB74k-Fa6W_B-JXN2dBe5cTIjpzxzBPrzZr_rEr-M

Request Chain 342

https://ads.travelaudience.com/google_pixel?google_gid=CAESECzRnN0RgSdVhD6lAfz4V6I&google_cver=1&google_push=ASkJ3FaJ0vWgOh_ejtKQSqTylHiow7r0Yd1RG9dCVzSM9tgpxN2HxA17vNRrU-FZO0lF4xXaX65-KFCc9FXiQnmBIAg2G94r3IPI HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=O9z-SUuvQcGJVNggll23Ww2&google_push=ASkJ3FaJ0vWgOh_ejtKQSqTylHiow7r0Yd1RG9dCVzSM9tgpxN2HxA17vNRrU-FZO0lF4xXaX65-KFCc9FXiQnmBIAg2G94r3IPI

Request Chain 343

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELzKtMe2jTJAXTUo5Bz6z9I&google_cver=1&google_push=ASkJ3FaMc-7a21WmPzXrnlB76kO5CKeiYWatQV2IYraOCz4CWIL4aK_HKnEGWvnnDZ3BedjEag9oCp5efplaUsbLf2rRZtbXtnw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaMc-7a21WmPzXrnlB76kO5CKeiYWatQV2IYraOCz4CWIL4aK_HKnEGWvnnDZ3BedjEag9oCp5efplaUsbLf2rRZtbXtnw&google_hm=

Request Chain 344

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMJ_ejcel56pnAEILohIfNU&google_cver=1&google_push=ASkJ3FZp9ad0cz9FbiyIdtVXBgxwGvKiV9_c4s95V87r9bGOvJH4a6i7-fW4ix_h0JprlXgBEb24Khj_nC_HWwy7XL7rhNcptJg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZp9ad0cz9FbiyIdtVXBgxwGvKiV9_c4s95V87r9bGOvJH4a6i7-fW4ix_h0JprlXgBEb24Khj_nC_HWwy7XL7rhNcptJg&google_hm=NjczODMwMDA5MDIzMzAzNTczMA%3D%3D

Request Chain 377

https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=zxwMs3xobFpaZFp0NmNYWE9lNmdkMmxMZkhGSEk5bUVKVVA3YU9EUm1NYVRnMHQ4YkYzNHZaaFdwMkl6SFhCTG85Mi91eFRIbVhtcVBmQ0NNWlFWSHZvWUxyVUticGtZemVSTWRzK2VDSVg2cXFOK3VNVThxMmJpejQ5bUtIZDkxZ1hSRkxic3pSZ1o3QkxpVzFFam4yYmVONHFoOVlXSmNkQTJWSUhzYndZVWJGQzYyd0FNekRGRWJDcEQ5M1lDYnQvUTlXSzNyd1hFdVZEZGhaOU12OU0zYXZHeGVPazhUY2lJeG83MW5iclEwR21saVVDeitNdVJkenpJL08xcXEwUnYwY2VhckptOEt5M0R5eW55aGh2eXdKUT09fA&cppv=2

Request Chain 378

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=mmPM0HxTREJJcEIwYWZYeE1xUTZGZ1ZqSmxaeWVyMUV4TjhJYkkwMXc3Y0o4dVlpMVFPaVo1WVZXaW9xNXNXaldIVG05Vk02QzR5QjNWM2thQzRXTDBiaFlBbXl4WWJ3MFlnbEZ1VzEyVEdkdDdxb3RYSzl5ZUZzTnUyQ0NLQld4aENQR215YUdMVlUyWlRua2dLZmNYT3RGLzh1cFlxaXEva2JxdG5qWG5uM2NSY0NxOEVhTHU3UFlHS29BRTl1bGhuaHd1UUZxR2ZmQTdPQVJ2VTU5UDllTzZMaTRBckt1and5dDIxQm9WSEhKTGNsVmZnNTZGNmsrR1B4NDF2V0RFMHpOVTROc3ZYNGVkMVh6bmxCaHRkbWJ0dz09fA&cppv=2

Request Chain 397

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=r8GQrq7Hlvm0xJOur5GKqaGWlqi0y5Kur8TPJxWV

Request Chain 398

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7165637262425585808&gdpr=0&gdpr_consent=

Request Chain 399

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDbDMwN0c0dW9BQUNCWFZVN0NTUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 400

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xrla2sUSRZ5DAL7wa6Qxz1D_Cs0

Request Chain 401

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&addseg=19,36,42

Request Chain 402

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 404

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16 HTTP 302
https://a.audrte.com/p

Request Chain 405

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=e914f2bf-ce57-4d2f-9fbf-9cb1e209ccb4&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=03cd92d6-409f-4981-b191-6a6a5291b18f&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 407

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wR3R1o1E2uWNnT4AQR5NmSx_gYjTg6U-~A&gdpr=0&gdpr_consent=

Request Chain 410

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8121903843134960957&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 414

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3F1H90V5uXLOufgSEsR6AAAFDwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFNVtrt12G7OXtd3lwKdcJI&google_cver=1

Request Chain 415

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3F1H90V5uXLOufgSEsR6AAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELk5tajXrITPgHpat5gIkC4&google_cver=1

Request Chain 417

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=9079230091351378520&expiration=1669589538

Request Chain 419

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=9042649650226842289

Request Chain 420

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y3F1H90V5uXLOufgSEsR6AAAFDwAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/Y3F1H90V5uXLOufgSEsR6AAAFDwAAAAB

Request Chain 422

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=71f50e5fc66713a52716e1e4731ef6bc

Request Chain 423

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DJykAJawR9KxFC8gPfp9uA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DJykAJawR9KxFC8gPfp9uA

Request Chain 424

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGhRhZX-QnLCWk9Tv0K9gbE&google_cver=1

Request Chain 425

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ikGQGP57RoqFDJM2UT_EIw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ikGQGP57RoqFDJM2UT_EIw

Request Chain 427

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/CQI1BX_mleh2YAqwrQdcQA?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6738300090233035730

Request Chain 428

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWUM0STAtSS1DQ1JZ

Request Chain 429

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAFYC4I0-I-CCRY

Request Chain 430

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTE3NDJmM2RkZmFkMmYzMjUwNTg1ODk3MDRhZjEwOWViZWJhYzMxYQ

Request Chain 432

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

Request Chain 436

https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=d3794188-63a5-11ed-a9da-1ee5b9e10506 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/spotx/d379414e-63a5-11ed-a9da-1ee5b9e10506

Request Chain 437

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

Request Chain 439

https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-V.kV1tNE2uH4VJyuLn3gMTqsg_pHgTnUEt4dLIo-~A&gdpr=0&gdpr_consent=

438 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.walla.co.il/
Redirect Chain

http://walla.com/
https://walla.com/
https://www.walla.co.il/

684 KB
326 KB

47ms
10ms

Document
text/html

52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 6948bb52a65ca8973f6db486ac1cca61ca090f4bad6eab679e96cbcaa540ad07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28
cache-control: public, max-age=30
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 13 Nov 2022 22:51:44 GMT
etag: W/"ab16b-Tyilrzz3vHCfnQ2RUHBIy14Dgyw"
server: openresty/1.15.8.1
vary: Accept-Encoding
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
x-amz-cf-id: jnW_1_z-SeIKbWusvTME-d6W-00QrlG_NpSN9J04dbedT5E7Y5E0jQ==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-cached: HIT

Redirect headers

age: 60016
content-length: 0
date: Sun, 13 Nov 2022 06:11:57 GMT
location: https://www.walla.co.il/
server: AmazonS3
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-id: d84K74ivL6-Rl8r7JsWoTPD_5G1Z1WFNMlJPzzpFlJoGxHMRKV-2Mw==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 59ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1efe80f50cf80a04e2fd2f8d37fd916053dc3e6484a114a58618d74757c6b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27299
x-xss-protection: 0
server: sffe
etag: "1391 / 598 of 1000 / last-modified: 1668208008"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 13 Nov 2022 22:52:12 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 65ms
8ms Script
application/x-javascript 2600:9000:223c:3c00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:3c00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:24:13 GMT
content-encoding: gzip
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 1679
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: swBjCOOEa0hQ0cA6oJzt4Qfc6jolixcLRZxLMxriL5xIxscwJ_fhOg==
expires: Mon, 14 Nov 2022 00:24:13 GMT

GET
H2 200 new-logo-mobile.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
966 B 8ms
8ms Image
image/svg+xml 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/new-logo-mobile.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"473-184671062f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: 0R3lsr5MJ9AoHIJid099nrapgl_RLyMnbxA_dAdPAY0jh6qe9_VFLw==
x-cached: MISS

GET
H2 200 icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 2 KB
1 KB 8ms
8ms Image
image/svg+xml 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"7ee-184671062f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: qZjS5sMaPNpgSJTHyPnwmS6SEI-NdujU_ERVHBhQZmpOzNql4oXlhg==
x-cached: HIT

GET
H2 200 icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 464 B
823 B 8ms
8ms Image
image/svg+xml 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"1d0-184671062f0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 464
x-cached: MISS
x-amz-cf-id: 316I1R7uJ4HyegzjvpWX6HpCETO5xA6kI91B0LgF08y_04Guzl-ibQ==

GET
H2 200 new-logo.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
991 B 8ms
8ms Image
image/svg+xml 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"492-184671062f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: 5DPX_JcFbXTtK0bqisxLmNG9_32C3SaiEcLtr54WYJLzNQHMEewKCA==
x-cached: MISS

GET
H2 200 allay-icon.svg
www.walla.co.il/public/assets/icons/ 3 KB
2 KB 9ms
8ms Image
image/svg+xml 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"c00-184671062f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: bOi33DwbIfPVoK6FFVx_OguGT4qrAcCk5C_JlQGKAKeC24vGs7-wTQ==
x-cached: MISS

GET
H2 200 yad2.png
www.walla.co.il/public/assets/icons/ 1 KB
1 KB 8ms
8ms Image
image/png 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/yad2.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"488-184671062f0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1160
x-cached: MISS
x-amz-cf-id: g-GZ5WbuFWSKCDpqH3dpgX_oBbHOUfoZaPz7ZRkQZXwdwTv78rrRWg==

GET
H2 200 3457113-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/4/5/7/ 40 KB
41 KB 37ms
10ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/4/5/7/3457113-46.jpeg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: b988e5d57e79c99a08aab713194a4677e3a81579d560bb44867feec38b54a8fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 21:14:20 GMT
via: 1.1 varnish, 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 5872
edge-cache-tag: 120139756651817838461720619564066651241,118291521066828225852529435541574966377,d2bce9e04f88d43dd8350e859c701704
cache-tag: 120139756651817838461720619564066651241,118291521066828225852529435541574966377,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 41221
x-request-id: 4114fe025b0522e6f10cbf100984a4cb
x-served-by: cache-iad-kiad7000031-IAD
last-modified: Sun, 13 Nov 2022 21:14:21 GMT
server: cloudinary
x-timer: S1668374059.399940,VS0,VE1163
etag: "b7c038cbcfe7b9d047e70e9fcfd70226"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 2FIX5ez0ylXsTtsqgaueqhBfw9RDz0T8pxQQIYkud8O2PWT1VijSag==
x-cache-hits: 0

GET
H2 200 invalid-name2.svg
www.walla.co.il/public/assets/shivuki/ 2 KB
1 KB 8ms
8ms Image
image/svg+xml 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 08:58:52 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 136400
etag: W/"834-184671062f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: JX9lIhTqrvVrUDa-PBeEpgVh4RKTeXUB1GLjOdri3xz0FzP9Lqu_ew==
x-cached: MISS

GET
H2 200 103fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 895 B
1 KB 8ms
8ms Image
image/png 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/103fm.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e28df0d1ecf0a67bfe7db32c3aafada6f839721734581e6a36cd5a5fcdf55fdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"37f-184671062f0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 895
x-cached: MISS
x-amz-cf-id: 9fzgwF-Mlo-2YBrGJWtfUF8PLILNUZdFonAKlB2k9T9yoODZUIaf1w==

GET
H2 200 99fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 933 B
1 KB 7ms
7ms Image
image/png 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/99fm.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3008b4354e1b60f29f320cfa65b9725167ad632656392673a4785d836bf3f14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"3a5-184671062f0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 933
x-cached: MISS
x-amz-cf-id: 6_78-gO7HZXCWHMwVgeyrngtBQzwAuIrzlGDuX6EEHv1pNMfAu5jCA==

GET
H2 200 3454352-46.png
images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/4/5/4/ 10 KB
10 KB 13ms
8ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/4/5/4/3454352-46.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 9600ac62d203ae4fa0511fe013885dc1d972aaa3dddd4c936f513903fb1ddd29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 06:57:50 GMT
via: 1.1 varnish, 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 57262
edge-cache-tag: 359267456442456505876274559858624055743,134119208106065605577453037400131398643,d2bce9e04f88d43dd8350e859c701704
cache-tag: 359267456442456505876274559858624055743,134119208106065605577453037400131398643,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 9870
x-request-id: 22caa3728fbadde9a20e677ed81a1bd9
x-served-by: cache-lga21944-LGA
last-modified: Sun, 13 Nov 2022 06:57:51 GMT
server: cloudinary
x-timer: S1668322668.714713,VS0,VE2550
etag: "1c2b5617723164fd1ddddfb36869da06"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 7iND5pa8FfkfMoZ-ZbvNZW4wOU_exWAy1J7Z9UYe1U31NH20EeskRQ==
x-cache-hits: 0

GET
H2 200 3341171-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/3/4/1/ 4 KB
5 KB 13ms
9ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/3/4/1/3341171-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: d77d27666cbecfe4cd9149a720ac6abe85c7cae793ae3c90fbfbb608df84d54d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 06:51:31 GMT
via: 1.1 varnish, 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 489641
edge-cache-tag: 427256996032750856864594949422871261604,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 427256996032750856864594949422871261604,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 4386
x-served-by: cache-iad-kiad7000149-IAD
last-modified: Tue, 20 Sep 2022 06:48:21 GMT
server: cloudinary
x-timer: S1667890291.177622,VS0,VE101
etag: "e058d4498910311c89f1e7317465267b"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 0D1Smgz1aErQV96K28zCqiLHinyd2FfWD_J80g9vhShbt0lbQm1fyw==
x-cache-hits: 0

GET
H2 200 3438192-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/3/8/ 2 KB
3 KB 14ms
9ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/3/8/3438192-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 329c00fdc7df7eb6447eef456731a9946f6454cf330e00bf84657528aaf94398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 06:52:12 GMT
via: 1.1 varnish, 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 489600
edge-cache-tag: 345398374971869483024922264429966639118,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 345398374971869483024922264429966639118,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 1830
x-request-id: a23631cc2612bfbd24710f9d2cc0cefb
x-served-by: cache-iad-kiad7000098-IAD
last-modified: Tue, 08 Nov 2022 06:52:13 GMT
server: cloudinary
x-timer: S1667890330.040179,VS0,VE2523
etag: "654bb7630c694ef84d451ebddedc2c77"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: HnqxnJYug1icQf5pP10K8oG-kTVQUgn7awPhm5XJc2eMFaDJsSWUwg==
x-cache-hits: 0

GET
H2 200 3436105-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/3/6/ 4 KB
5 KB 14ms
10ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/3/6/3436105-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 27a7579151180b7c5ef216637a18c1d425a0ef4e69442e41845a573ae0009757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 10:58:14 GMT
via: 1.1 varnish, 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 4881238
edge-cache-tag: 425424283544705428986993665865147059805,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 425424283544705428986993665865147059805,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 4261
x-request-id: 4f01f8800fdee3ca331b1fc9131b0562
x-served-by: cache-iad-kjyo7100079-IAD
last-modified: Sun, 18 Sep 2022 10:58:15 GMT
server: cloudinary
x-timer: S1663498694.462081,VS0,VE374
etag: "40d7a1c93dc934efa7a5bde7b727f3ce"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 4UH_tPkUTNQFlZf-C7lCO4RHcU2-YncCWInbTHoFCQvwdA8VOvusTw==
x-cache-hits: 0

GET
H2 200 liga-banner-desktop.png
www.walla.co.il/public/assets/sport/ 294 KB
295 KB 18ms
14ms Image
image/png 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/sport/liga-banner-desktop.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 8674c690e379aa2d7f8f84624402dc41902336d4c7044a931e34e247839463a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"499a6-184671062f0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 301478
x-cached: MISS
x-amz-cf-id: hkF_vLcF05nTC-oTSWE88aaOJdD0LDrdFe2HniV3j9Ktrk94JvIqPw==

GET
H2 200 mishpati.png
www.walla.co.il/public/assets/icons/homepage/ 4 KB
4 KB 14ms
10ms Image
image/png 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage/mishpati.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 03baca21d7a98bc118436bcb698ecaafefff81373d472afdf259fdfe3f5c1a03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"f8c-184671062f0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 3980
x-cached: HIT
x-amz-cf-id: SQtb2ZFm_oNH5x89q_m3QRyIzyic0aKqWK2Mx7fh2YsVqrK5z9xiPg==

GET
H2 200 3329203-46.png
img.wcdn.co.il/f_auto,w_66/3/3/2/9/ 732 B
1 KB 42ms
7ms Image
image/png 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,w_66/3/3/2/9/3329203-46.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: cloudinary /
Resource Hash: de6bf035e9195f0b9f69ddc8a8a0431deaa22504c56412d03dd103beb35ab2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 23:01:24 GMT
via: 1.1 varnish, 1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 4837848
edge-cache-tag: 315444705734958248972687902270172938779,275138840448101508428674266858349850681,d2bce9e04f88d43dd8350e859c701704
cache-tag: 315444705734958248972687902270172938779,275138840448101508428674266858349850681,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 732
x-served-by: cache-lga21922-LGA
last-modified: Mon, 03 Jan 2022 09:47:54 GMT
server: cloudinary
x-timer: S1663542084.021609,VS0,VE26
etag: "79624ac971cffa490d9827a952393183"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: uk7Rh9BbskYvHDOfwCBDD6Wc1lG2UQPNBc6D5OpuAf0gkCb6pvMlLQ==
x-cache-hits: 1

GET
H2 200 career.jpg
www.walla.co.il/public/assets/icons/homepage/ 3 KB
3 KB 18ms
15ms Image
image/jpeg 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage/career.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: edd4d9c515c398baf420a025641816721bdc7f67945144fe15a1058f6c75e667

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"be7-184671062f0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 3047
x-cached: HIT
x-amz-cf-id: juw9JdbQduiEky-oKb4ixNX03cZeyp9BAfaS_nT-vHZ_ib7KmGPxYg==

GET
H2 200 mazaltov-logo-new.png
www.walla.co.il/public/assets/icons/homepage/ 2 KB
3 KB 14ms
11ms Image
image/png 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage/mazaltov-logo-new.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 9c2fff24329f1fe904135f52256900469efd1e77ae3da4b0f528094cd2123e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 06:23:13 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 145739
etag: W/"9ce-184671062f0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 2510
x-cached: MISS
x-amz-cf-id: RjM6RYlogvJ-7Mylb6X6JtEABL6lgxLlM1hEPhPXowkP7_VZpDhwaQ==

GET
H2 200 new-logo-walla-negativ.png
www.walla.co.il/public/assets/icons/ 636 B
991 B 18ms
15ms Image
image/png 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/new-logo-walla-negativ.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:56 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202516
etag: W/"27c-184671062f0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 636
x-cached: MISS
x-amz-cf-id: 1xYkMvI3_8CVf5gRrz63dg9J7uuAuXuBD0D1OddGsk8RaKajgHpy5g==

GET
H2 200 148_b9895f2e6081dbbe3808_b9895f2e6081dbbe3808_walla.js Show response
www.walla.co.il/public/ 11 KB
4 KB 14ms
11ms Script
application/javascript 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/148_b9895f2e6081dbbe3808_b9895f2e6081dbbe3808_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: d1dc5d7ef07dd2dfa57bd99bab5e04a2eccd2b5a5a8810110d1bea166429a63a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:23:00 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"2bc4-18467128da0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: MmUBaDXXENsBUAiEQw08NOEc2IDJIuj7vW30Q6ClK1nofpukvyGPag==
x-cached: MISS

GET
H2 200 504_d27adc7f60512ad1070a_d27adc7f60512ad1070a_walla.js Show response
www.walla.co.il/public/ 310 KB
101 KB 14ms
11ms Script
application/javascript 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/504_d27adc7f60512ad1070a_d27adc7f60512ad1070a_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: de6ab45bdbef1c6e8c85040c7fc011b8ed4a7938ed0ecbf4e214e35e90fde88b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:54 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:23:00 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202518
etag: W/"4d6af-18467128da0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: Xa6TskWR3UDEq7zAfxxets2s1xqmdY68959d_69Gt2b2k7hQ1NgVqQ==
x-cached: MISS

GET
H2 200 main_51e4b430cef2fa4cd12f_51e4b430cef2fa4cd12f_walla.js Show response
www.walla.co.il/public/ 1 MB
260 KB 18ms
15ms Script
application/javascript 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/main_51e4b430cef2fa4cd12f_51e4b430cef2fa4cd12f_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 2713683f3edf1c3be898ab22a50a07b58f2c9185611548e5daff9264fe40a9fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 13:35:32 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Sun, 13 Nov 2022 13:19:59 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 33400
etag: W/"12053d-18471259418"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: nbiaA0P5tczAMqlNJbz2t1Y4M-D7S-eOoYIGOhHpWyFaIHL2nLzIsg==
x-cached: MISS

GET
H2 200 510_a2dcb14e332eca09140a_a2dcb14e332eca09140a_walla.js Show response
www.walla.co.il/public/ 14 KB
4 KB 16ms
13ms Script
application/javascript 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/510_a2dcb14e332eca09140a_a2dcb14e332eca09140a_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: b95f7c8b2cb9da1713e5647fc88caad59ccf9f1be673d331f98a020e12a92dc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:23:00 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"3813-18467128da0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: twC15fwu9wwemeAU8kcT0PeaSsuvlj1A4ukg6se5FUvCudCim8YEBQ==
x-cached: MISS

GET
H2 200 homepage_d9417e3f7c98a24c1168_d9417e3f7c98a24c1168_walla.js Show response
www.walla.co.il/public/ 268 KB
52 KB 18ms
16ms Script
application/javascript 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/homepage_d9417e3f7c98a24c1168_d9417e3f7c98a24c1168_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 7ce6f082891e1396d72da44a14d7de0e87f35875a2088cf440dfb48f55dfc1a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 13:35:56 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Sun, 13 Nov 2022 13:19:59 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 33376
etag: W/"43089-18471259418"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: HwyIsw_RG20prET1YFrpXM7e2b35j2emWAHmyzqt3IhUTXvpkcHIdg==
x-cached: MISS

GET
H2 200 pubads_impl_2022110801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 59ms
8ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

387dfc092f85b10bf8322f9f18a2b274e89eed297b9c02a336ad6b274552c1e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 11 Nov 2022 12:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131898
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:38:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Nov 2023 12:45:08 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 918 B
934 B 66ms
16ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.walla.co.il

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8123d1da6144b35d808fb5407f0f5255ff0ec2d543f2aed62502ba2fc3c92c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Sun, 13 Nov 2022 22:52:12 GMT

GET
H2 200 walla-v2-prod.js Show response
cdn.valuad.cloud/hb/ 908 KB
246 KB 129ms
75ms Script
application/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

cdfeed9ef310a87610cc594da83f2f0c3a743acd08f819399c1eedc52c86c3f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:12 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 13 Nov 2022 18:37:24 GMT
x-amz-request-id: tx0000000000000383b1051-0063713968-2b9ec190-fra1a
etag: "3068c0acf7919724a93372bf0bca9e3b"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1668379932.dop220.fr8.t,1668379932.cds262.fr8.hn,1668379932.cds107.fr8.c
content-type: application/javascript
x-rgw-object-type: Normal
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 251252

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 64ms
8ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 22:52:12 GMT
Content-Encoding: gzip
Age: 968
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29221
x-amzn-internal-status: 304
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
Server: ECS (frb/67F3)
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 405 KB
83 KB 48ms
16ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab97567e503e761b4b25446a54c0d386a7f5befa151131b1fa99a0f0f357c1d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84951
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Nov 2022 22:52:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 454 KB
64 KB 84ms
52ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a52388801fb740d0f7bb2b253645242e97b70b90f07b42989bf0e5d552d50ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65541
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Nov 2022 22:52:12 GMT

GET
H2 200 wallawb.js Show response
cf.dxmcdn.com/dta/ 4 KB
2 KB 62ms
7ms Script
application/javascript 2600:9000:223d:4200:11:da61:a100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.dxmcdn.com/dta/wallawb.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:4200:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: qZmD6iSiSNKopHEgv3XRn4Et4epkBb1Z
content-encoding: gzip
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
date: Sun, 13 Nov 2022 05:39:41 GMT
last-modified: Sun, 29 May 2022 13:46:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 61953
etag: W/"c6a8b1a7ee5ce83efe089c14c99eefad"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: dbzV9MxPgyROTSqkUuexSiVmDJ0wO7HF3IwSCAAoDPpbP9qLiB8nZQ==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 13ms
12ms Script
application/x-javascript 2600:9000:223c:3c00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:3c00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:51:35 GMT
content-encoding: gzip
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 37
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: qaSQbaGNuT5E9fHYgJq33bUQLtnFxA9ewPC0s0aUvBAXh9u2PiNM1A==
expires: Mon, 14 Nov 2022 00:51:35 GMT

GET
H2 200 google.gif
www.walla.co.il/public/assets/icons/ 1 KB
2 KB 28ms
27ms Image
image/gif 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/google.gif
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"5b6-184671062f0"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1462
x-cached: MISS
x-amz-cf-id: fPfWCbHYEt5xPm2RegUWxRhDnI_Vy8a-3zHCr757vSWE2lwaweDInQ==

GET
H2 200 icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 743 B
1 KB 24ms
23ms Image
image/svg+xml 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"2e7-184671062f0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 743
x-cached: MISS
x-amz-cf-id: ANcmg4ToUQImrA7jmo_y5r6ZLyJSIAVgPgS3UJk2ueV9JHO6VGymCA==

GET
H2 200 icon-5-g.svg
www.walla.co.il/public/assets/icons/ 3 KB
1 KB 26ms
25ms Image
image/svg+xml 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-5-g.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"b30-184671062f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: c1rVyYhltrkiurdQogjcHsLn_rHxA7zICQJggSYiAXNQXpEvI4u7IA==
x-cached: MISS

GET
H2 200 icon-wather.svg
www.walla.co.il/public/assets/icons/ 2 KB
1 KB 26ms
26ms Image
image/svg+xml 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 01:15:56 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 77776
etag: W/"85c-184671062f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: gjY8hfmbBMkjTipVcMX-b4PaJuJD1D8ZGwTmJUNPgF86gLqql9GU_Q==
x-cached: MISS

GET
H2 200 icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
1 KB 28ms
27ms Image
image/svg+xml 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"5f6-184671062f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: s_HHHPVErgjDD-F4C32J9lIiOs4FdYghrzEv70zO0csvTBinVp7UpQ==
x-cached: MISS

GET
H2 200 almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 58 KB
59 KB 26ms
26ms Font
font/woff 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"e954-184671062f0"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 59732
x-cached: MISS
x-amz-cf-id: TIlQjnbmCoS9OSntnvQOG0PQwo83FliYHyinJxnfRlOcWDMizuJ_Vg==

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 4 KB
1 KB 39ms
8ms XHR
application/json 2a04:4e42::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 23c65fc4a570ae4670bd0a6c5167cb723427807653228e62c623f81bfdc6360a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits: 1
date: Sun, 13 Nov 2022 22:52:12 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 955
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 962
x-served-by: cache-fra-eddf8230105-FRA
x-timer: S1668379933.803649,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Fri, 11 Nov 2022 22:36:18 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 213 KB
74 KB 40ms
9ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8760ff938935bf6767234332e9c41335bd2b8ccbcde75b8bfc271b99247ee790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:12 GMT
content-encoding: gzip
last-modified: Sun, 13 Nov 2022 08:20:36 GMT
etag: "15-Pt7K4OvNMwkucm7MC7XprCH0D3g"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah-stg
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14400
access-control-allow-credentials: false
x-traceid: 71cd64b03f885c1ae574849a8824b8f4
timing-allow-origin: *, *
content-length: 74929

GET
H2 200 arrow-forward.svg
www.walla.co.il/public/assets/homepage2/ 475 B
834 B 9ms
8ms Image
image/svg+xml 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/arrow-forward.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 00df84c0176ae68719671b3cf670d45da854c8e4b092eb72eb0b36f6737ae111

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"1db-184671062f0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 475
x-cached: MISS
x-amz-cf-id: LeGWH00u9J4DC6NY9r2UM4LZ5kXRQsDr1Hv_ji2YzI3K_mzln3OAWA==

GET
H2 200 walla-sprite.svg
www.walla.co.il/public/assets/icons/ 19 KB
6 KB 8ms
8ms Image
image/svg+xml 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/walla-sprite.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 19:12:41 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 99571
etag: W/"4a05-184671062f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: U-azTHWEghbpt3S9TbzLMgH0KyJJeoMocLCPkhVDAhf7QysabxOWHw==
x-cached: MISS

GET
H2 200 play103fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 409 B
769 B 9ms
8ms Image
image/svg+xml 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/play103fm.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: f20eeef8fb712ad2bf5e21dfe5944ab2b62010e44ffa8f79a3bfa354973ab517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"199-184671062f0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 409
x-cached: MISS
x-amz-cf-id: 5rmBHlQGJwfPCSeB_TNIs5AyyNHrJDTRdDysfL0TTH8FJcPWYQIgDA==

GET
H2 200 play99fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 409 B
769 B 8ms
8ms Image
image/svg+xml 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/play99fm.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e5bf77a4605d9bb4c0ecfc1127ab95009dc2fa6ec763418424cf36f523db8e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 01:15:56 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 77776
etag: W/"199-184671062f0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 409
x-cached: MISS
x-amz-cf-id: x7XFjYznTjbgL_GPdarUwuoklmTGhP51PzN4V4TPuMIjyZ4EcgS0Yw==

GET
H2 200 icons-play-live.svg
www.walla.co.il/public/assets/icons/ 298 B
657 B 7ms
7ms Image
image/svg+xml 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icons-play-live.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e8edb024e688dad4a4dbb15cc90e7cbcae1f1426f34ddb2c22523625f46aafde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"12a-184671062f0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 298
x-cached: MISS
x-amz-cf-id: DEeB0A6p4q3hZb1Kx4n2qayb6y1pd6tmKLsEj-0MkIJkQeVZm9OrqQ==

GET
H2 200 wallaicons.woff
www.walla.co.il/public/font/fonticon/ 15 KB
15 KB 8ms
8ms Font
font/woff 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 01:01:34 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 165038
etag: W/"3bdc-184671062f0"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 15324
x-cached: MISS
x-amz-cf-id: ONmUxXI9z9cRZE-5lCcTChbds_YwWug4cyI3yRDJA2TvykBdVE_8Gg==

GET
H2 200 almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 58 KB
58 KB 9ms
9ms Font
font/woff 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 01:38:08 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 76444
etag: W/"e7c0-184671062f0"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 59328
x-cached: MISS
x-amz-cf-id: uAqYB1TEg4lVCrDCo8RgSbkYntIxoHV3Wr722bx_xCG_6LLeQVa8Ag==

GET
H2 200 almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 59 KB
59 KB 9ms
8ms Font
font/woff 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202517
etag: W/"ea00-184671062f0"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 59904
x-cached: MISS
x-amz-cf-id: 8fwT8LZDBgJlb1iw0x5H5KYJXVwfmwBB0oi_VxsBaCLlhOnLUpzCZA==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 281ms
92ms Image
image/gif 44.196.76.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=DuQDnwCIbcDnDAkAf_&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10278&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=466&t=DXlRxbBdIDgHD1Sn6uCBs2clDNTSit&V=136&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&tz=0&sn=1&sv=bdmhZcUDV9DHT6Fyyik9TlD3l3&sd=1&im=067b2fff&_
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.196.76.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-76-155.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:13 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 282ms
91ms Image
image/gif 54.86.116.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=DuQDnwCIbcDnDAkAf_&c=0&V=136&x=PNOKtSasrfZ76&v=C&ml=m&sl=x_BJd&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.116.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-116-177.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:13 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 281ms
91ms Image
image/gif 54.86.116.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=DuQDnwCIbcDnDAkAf_&c=0&V=136&x=1bk5UuBKy05cC&v=A&ml=m&sl=BoZuWs&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.116.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-116-177.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:13 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
201 B 281ms
91ms Image
image/gif 54.86.116.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=DuQDnwCIbcDnDAkAf_&c=0&V=136&x=GmkadiojOyiqR&v=A&ml=m&sl=DkrJa_&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.116.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-116-177.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:13 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 281ms
92ms Image
image/gif 54.86.116.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=DuQDnwCIbcDnDAkAf_&c=0&V=136&x=muiIa2JehMYYw&v=B&ml=m&sl=BF4f-R&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.116.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-116-177.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:13 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 391_a64a6978466e464bc4f4_a64a6978466e464bc4f4_walla.js Show response
www.walla.co.il/public/ 122 KB
36 KB 8ms
8ms Script
application/javascript 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/391_a64a6978466e464bc4f4_a64a6978466e464bc4f4_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_51e4b430cef2fa4cd12f_51e4b430cef2fa4cd12f_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e3e0c0eb7964567b3c8348d7fee5a69a923b4c4e45e196e7b4b8842cd20096ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:23:00 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202518
etag: W/"1e854-18467128da0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: ZlvvThZiQiJTCi2Bw3RWylioiUBiLmOP55HEC4ROYrdi48FR6tHuUw==
x-cached: MISS

GET
H2 200 PikudInner_71a2339dbca8b244a152_71a2339dbca8b244a152_walla.js Show response
www.walla.co.il/public/ 3 KB
2 KB 8ms
8ms Script
application/javascript 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/PikudInner_71a2339dbca8b244a152_71a2339dbca8b244a152_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_51e4b430cef2fa4cd12f_51e4b430cef2fa4cd12f_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: acf6065a1e918d23c4252187af26e95c150ed8285fece76659e48fe50cfa06ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
content-encoding: gzip
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:23:00 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202518
etag: W/"cfc-18467128da0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: geAqGY2cFextMt17F-rRmCV_GkFJA3JO-tQIljGqu1FhOrr_uTy6kA==
x-cached: MISS

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/public/504_d27adc7f60512ad1070a_d27adc7f60512ad1070a_walla.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2129ccd6aca391fa9315ee075c416a0f5d99c86c917cd750d9e8fb0c86aac5f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27297
x-xss-protection: 0
server: sffe
etag: "1391 / 481 of 1000 / last-modified: 1668207947"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 13 Nov 2022 22:52:13 GMT

GET
H2 200 close.png
www.walla.co.il/public/assets/ads/ 1 KB
1 KB 10ms
8ms Image
image/png 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/ads/close.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 00:45:49 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 79584
etag: W/"46c-184671062f0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1132
x-cached: MISS
x-amz-cf-id: IDf_Nx9u2nr8dEzDKuj8dpwjsq_m3Re1ii3mA9NDQ4UystFeHTOBLQ==

GET
H2 200 3421426-46.png
images.wcdn.co.il//3/4/2/1/ 6 KB
6 KB 13ms
10ms Image
image/png 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il//3/4/2/1/3421426-46.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 738d90cda558286a59c2e9d00b43c7d2375b2e010863533804d0de180cfc5339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 10:30:43 GMT
via: 1.1 varnish, 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 7906890
edge-cache-tag: 145767541500621925049705680995819893788,d2bce9e04f88d43dd8350e859c701704
cache-tag: 145767541500621925049705680995819893788,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 5667
x-served-by: cache-iad-kiad7000166-IAD
last-modified: Sun, 14 Aug 2022 10:29:39 GMT
server: cloudinary
x-timer: S1660473043.259951,VS0,VE1
etag: "a299b27a337fe5f8cd65385dbd30d509"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: fvYEn7sAdDO7wjzH1du33ostokRc7i0cmsmDa5ciuZ47tz2gKCBPlw==
x-cache-hits: 1

GET
H2 200 3456574-46.png
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/6/ 6 KB
7 KB 13ms
11ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/6/3456574-46.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: e3d7a9a560626d865cbc87aa57a5aaeb8cd14d389961e211e297318e8e94a9ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:36:35 GMT
via: 1.1 varnish, 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 47738
edge-cache-tag: 246487243689147402874868661066585042066,242814604961390431684696376094765483923,d2bce9e04f88d43dd8350e859c701704
cache-tag: 246487243689147402874868661066585042066,242814604961390431684696376094765483923,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 6360
x-request-id: feeaa934801becc137dcd176ec38182f
x-served-by: cache-lga21920-LGA
last-modified: Sun, 13 Nov 2022 09:36:36 GMT
server: cloudinary
x-timer: S1668332195.751558,VS0,VE410
etag: "9e7ad463a4093f58a3a95d398810f6cf"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: MrhxW8ogcM6AfpbJq7HMEfGQsj0sjRZ2Q1_g4fFOZ14TF-uA8EEeWA==
x-cache-hits: 0

GET
H2 200 3457090-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/7/ 4 KB
5 KB 13ms
12ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/7/3457090-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: f278bdd315ee216a0b237a871cf6d88a3ae2a997e9c8cf166a37afa68b9be909

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 20:44:50 GMT
via: 1.1 varnish, 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 7643
edge-cache-tag: 301375487623757728499730453051387396971,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 301375487623757728499730453051387396971,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 4213
x-request-id: e528edd67863ba629d8dacf688bcb8f5
x-served-by: cache-lga21939-LGA
last-modified: Sun, 13 Nov 2022 20:44:47 GMT
server: cloudinary
x-timer: S1668372291.769341,VS0,VE1
etag: "a280f0bed131d3c10792841d1ab8c600"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: XPnNF9lAb3NhtEX3Ig5qY58FUQJFf99EIHOF1eLACaQGXO_st8r39Q==
x-cache-hits: 1

GET
H2 200 3457111-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/7/ 6 KB
7 KB 14ms
12ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/7/3457111-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 05da173b55c5c3dcde1677e06fb34aec56192706adc9cc5f4d02c66184f976c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:17:22 GMT
via: 1.1 varnish, 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 2091
edge-cache-tag: 176501541118530364427458212982148967742,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 176501541118530364427458212982148967742,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 5970
x-request-id: fcb8b2e1d808e5e9ae23b670e2d3b01c
x-served-by: cache-iad-kjyo7100039-IAD
last-modified: Sun, 13 Nov 2022 22:17:23 GMT
server: cloudinary
x-timer: S1668377839.098560,VS0,VE3215
etag: "ad9c011265fef07dbd42812039b525e0"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: T6CiWfLzu-1WgcsP9z8YzcMYFMoVzRY-8k09uKlMAA7ZPq7Oi4pvQA==
x-cache-hits: 0

GET
H2 200 3274876-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/2/7/4/ 6 KB
7 KB 14ms
12ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/2/7/4/3274876-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 11f429b16d419241924d3d9f64f9a35d9e8d63e7a7a896eaa25a013df0d5d560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 12:04:58 GMT
via: 1.1 varnish, 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 384435
edge-cache-tag: 287949026171437347413925978859460335705,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 287949026171437347413925978859460335705,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 6248
x-served-by: cache-lga21977-LGA
last-modified: Tue, 28 Dec 2021 13:41:41 GMT
server: cloudinary
x-timer: S1667995498.425954,VS0,VE1
etag: "98cced136310ea21395e88290d4d1be3"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 2DuWpmtQpI63wROpIh-knh9J2IiAkH39CXbDRLr1ETssxDtiWZfpYw==
x-cache-hits: 1

GET
H2 200 3457016-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/7/ 11 KB
12 KB 14ms
13ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/7/3457016-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 43e1eadf4cce2822b5ba772bcb6a37f5775a5c96d4a296ec3268124ec3f79589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 20:24:21 GMT
via: 1.1 varnish, 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 8872
edge-cache-tag: 309295513349267603009042149264481481070,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 309295513349267603009042149264481481070,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 11419
x-request-id: 4bb1366c06cab73667d79c8bf84668cb
x-served-by: cache-lga21971-LGA
last-modified: Sun, 13 Nov 2022 20:24:22 GMT
server: cloudinary
x-timer: S1668371059.822939,VS0,VE3019
etag: "5b435958ab685811aa21a44e2392c365"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: doSdVg-wOHPOCc_AS1_5zQSjhT47oAAtSOVuRZR-Jvi97m9UUuEXlg==
x-cache-hits: 0

GET
H2 200 3179990-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/7/9/ 4 KB
5 KB 15ms
14ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/7/9/3179990-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: be464c46447abd7e361d99dcdb1a0771e2f050718e5e48f357708cdce5b42f33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 22:03:35 GMT
via: 1.1 varnish, 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 27650918
edge-cache-tag: 229051862499332083115943838432719266201,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 229051862499332083115943838432719266201,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 4467
x-request-id: 0436b576f028dc8ac589239439eb320d
x-served-by: cache-dca17773-DCA
last-modified: Tue, 28 Dec 2021 22:03:36 GMT
server: cloudinary
x-timer: S1640729015.230739,VS0,VE402
etag: "9ef9a00b0f373e22362ef7fd5ae1278d"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: zIt0VdMX_4xUMXAL-3X_zqbBlU0ZEXcFNUDxXWv3V5mXTDxGiJ6gXw==
x-cache-hits: 0

GET
H2 200 3257856-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/5/7/ 1 KB
2 KB 14ms
14ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/5/7/3257856-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: ac3ec5feaadff6b9971d045b79a2bf36d5a7afd78c0c39a6a340a8cd5175f5e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 17:01:33 GMT
via: 1.1 varnish, 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 6587440
edge-cache-tag: 181324815173015367470310301508200870431,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 181324815173015367470310301508200870431,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 1434
x-served-by: cache-iad-kiad7000029-IAD
last-modified: Tue, 28 Dec 2021 18:00:53 GMT
server: cloudinary
x-timer: S1661792494.700302,VS0,VE1
etag: "3f5e873602e4a3235e31ae90cabe2dea"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: tCWEkXGijpfj_b5ll-BJMlByx4B4bY7VbH8kLx9fGIIDw8fM5TDrDg==
x-cache-hits: 1

GET
H2 403 bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 0
0 52ms
14ms Script
text/html 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-11-13
Requested by: Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 kahoona-idx-live.js Show response
d2r08ja41ypc0t.cloudfront.net/WALLA/ 16 KB
6 KB 35ms
8ms Script
application/javascript 2600:9000:223e:c600:4:1c73:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by: Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:c600:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7aa8178d8811eecc039f610e464f13c9c92a3e4caaf72ae7ca2af53cad5e209c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 17:07:48 GMT
x-amz-version-id: 54STJkk5Ht7xYaQXWyX.bwlRCFmmcFf7
content-encoding: br
last-modified: Sun, 13 Nov 2022 17:07:43 GMT
server: AmazonS3
via: 1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
etag: W/"cae3263f4b79909f4da2fb2f4f0a80c0"
age: 20666
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: n5SQlixwglA4FL27r5_l5BK0kBDbSnyhqTnJtwLnU2u5o_TI57M2mA==

GET
H/1.1 200
OK widget_iframe.644279d1635fd969e87af94a98bd232b.html Show response
platform.twitter.com/widgets/ Frame A2DF 320 KB
104 KB 8ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BD) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 952283
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Sun, 13 Nov 2022 22:52:13 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BD)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 15ms
8ms Image
image/gif 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:13 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Tue, 13 Dec 2022 22:52:13 GMT

OPTIONS
H2 200 init
hb-dot-valuad.appspot.com/ Frame 0
0 141ms
104ms Preflight
text/html 2a00:1450:4001:828::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-request-id,x-vad-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 13 Nov 2022 22:52:13 GMT
server: Google Frontend
x-cloud-trace-context: ac9928792eb8b431229a6b34640310e0
x-request-id: undefined

POST
H3 200 init Show response
hb-dot-valuad.appspot.com/ 38 B
87 B 119ms
103ms Fetch
application/json 2a00:1450:4001:828::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type: application/json
Accept: application/json
Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
x-request-id: ead05a6a-601d-4719-8dd6-bfd724ea9632
x-vad-version: 0.9.11

Response headers

date: Sun, 13 Nov 2022 22:52:13 GMT
content-encoding: gzip
server: Google Frontend
etag: W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
x-cloud-trace-context: 0be3530166c5499ec919c6aee6669015
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64
x-request-id: undefined

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Nov 2022 21:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5244
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 13 Nov 2022 23:24:49 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 60ms
23ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

17bcafaa9b8aa4e9a351dd1fade8e49e63ab09fc2653f5b384bb05c8660ff765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16828
x-xss-protection: 0
server: cafe
etag: 8569919312416379547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 13 Nov 2022 22:52:13 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 31ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 13 Nov 2022 22:52:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: fJ2zJDaFCLpCkrwxLxIhFIukfeimArWlZaThis7ZW+u8WaFb/6/bpnX52VjNxLhRBpmXdTRpqlbJ/I7WF+Kdig==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
77 KB 33ms
17ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d6633512953864b17aa0cc30425d8684ff61665ab44d8319adc0b1a74e56fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78678
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 13 Nov 2022 22:52:13 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame A2DF 913 B
696 B 140ms
119ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=844701305bf84b08d7499b6245ff68f34d2c0615

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.walla.co.il

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

54ff9917daf6f89618357ef569223a5bd81eb9ef0255509aa77167cd9ee9e458

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 111
date: Sun, 13 Nov 2022 22:52:12 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Sun, 13 Nov 2022 22:52:13 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: cb238eda35b400a9
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: a83ba3fd36257bfd45614a12294497749bc141044ec15925b67d620b7dce40bd
content-length: 374

GET
H2 200 logo.png
www.walla.co.il/public/assets/pikud/ 21 KB
22 KB 8ms
8ms Image
image/png 52.222.236.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/pikud/logo.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-20.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 14:36:55 GMT
via: 1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
last-modified: Fri, 11 Nov 2022 14:20:38 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA56-P4
age: 202518
etag: W/"558e-184671062f0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 21902
x-cached: MISS
x-amz-cf-id: v4JKll8q8YWs1fEtqDqLRXZyaZRrmdNrHoR_QmL0tsSzsCx8MHNM_w==

GET
H3 200 1616785908557850 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 19ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1616785908557850?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5af36959c3a1a2a5c66a94de9b343ffd2b47b9496f4b185688e6eeaf1185902c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 13 Nov 2022 22:52:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86446
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: pxwnZyUbZxp50hB/olwEI1Ieb9Ebr9AFHHO3PK9XnpTgGvHwdKWBIBZXxjfLRxcR4Dr4S30J0MTgnU/RSl7u+w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 2 KB
2 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1668379933712&cv=9&fst=1668379933712&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dd51804f213899794afb3fe5dce0f730d8a72b5cd868816b689c0d8f2f8fdf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 985
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 32ms
15ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1397925997&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1266215377&gjid=858977366&cid=365311471.1668379934&tid=UA-4780630-1&_gid=1883518910.1668379934&_r=1&gtm=2wgb90T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd10=0&cd20=no&cd22=0&cd23=0&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=&cd116=0&z=1760348404

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 40ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=2oeb90&_p=1397925997&cid=365311471.1668379934&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668379933&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 handshakes Show response
khn.crowdad.io/ 0
105 B 95ms
31ms XHR
text/plain 52.208.146.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/handshakes
Requested by: Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.146.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-146-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Sun, 13 Nov 2022 22:52:13 GMT
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 handshakes
khn.crowdad.io/ Frame 0
0 112ms
29ms Preflight 52.208.146.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/handshakes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.146.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-146-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.walla.co.il
content-length: 0
date: Sun, 13 Nov 2022 22:52:13 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 72ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-4780630-1&cid=365311471.1668379934&jid=1266215377&gjid=858977366&_gid=1883518910.1668379934&_u=YEBAAEAAAAAAACAAI~&z=819380113

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 13 Nov 2022 22:52:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/964224610/ 42 B
548 B 47ms
22ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/964224610/?random=1668379933712&cv=9&fst=1668376800000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=4093691007&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/964224610/ 42 B
548 B 70ms
20ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/964224610/?random=1668379933712&cv=9&fst=1668376800000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=4093691007&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 170717926997655 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/170717926997655?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f5585f819dd53a76ebba27d982a5a79b515c9baf8bac4f0b38d4540eb8d07df5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 13 Nov 2022 22:52:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86217
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Rptgvm045Kzy3Y9tDfCDhNttc9+upH3Djtt5ARBS0bgCDCrcvklLw/9DzMG2I5TUvspRpWK1+72+2V3+Qta+0w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 28ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1668379933772&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1668379933770.221115581&it=1668379933710&coo=false&rqm=GET

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 13 Nov 2022 22:52:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 2 KB
1 KB 140ms
111ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=0&rand=94370&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000941&sig=8oBnIw85&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e97cebd99413254de8e3e71b55b4fa908f5aa88b8b45ec1b6c818f28ec9846b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 13 Nov 2022 22:52:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1668379934.857692,VS0,VE100
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21921-LGA, cache-fra-eddf8230040-FRA
x-traceid: 38d39edc69a7dfb68de7db4c9a165410
accept-ranges: bytes
content-length: 1123
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 38ms
18ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4780630-1&cid=365311471.1668379934&jid=1266215377&_u=YEBAAEAAAAAAACAAI~&z=384662321

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 38ms
20ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4780630-1&cid=365311471.1668379934&jid=1266215377&_u=YEBAAEAAAAAAACAAI~&z=384662321

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 19ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1668379933835&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1668379933770.221115581&it=1668379933710&coo=false&rqm=GET

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 13 Nov 2022 22:52:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 389ms
94ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=86774186eb717983667c7bfab3227ddf_1769_1668379933911&tm=484&eT=6&wRV=2000941&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 13 Nov 2022 22:52:14 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: 9b6b2ebde508b9f6671d386399abc6e8
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H2 200 get Show response
odb.outbrain.com/utils/ 12 KB
4 KB 110ms
110ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=1&rand=76176&key=NANOWDGT01&widgetJSId=HPP&va=true&et=true&format=html&t=ODY3NzQxODZlYjcxNzk4MzY2N2M3YmZhYjMyMjdkZGY=&adblck=false&abwl=false&px=209&py=889&vpd=0&cw=282&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000941&sig=8oBnIw85&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8e673155364bcaf97e319549e9b7eb08383e22f51f0fc4288d2d8faf1e209f0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 13 Nov 2022 22:52:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1668379934.973911,VS0,VE101
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21945-LGA, cache-fra-eddf8230040-FRA
x-traceid: 52f8383fa47e48d3379e437decf386c1
accept-ranges: bytes
content-length: 3787
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 9ms
9ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Tue, 13 Dec 2022 22:52:14 GMT

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 13 KB
14 KB 8ms
8ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "af7be0711fb1cf2f41bb793256c8f148:1662969048.571231"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13687
expires: Tue, 13 Dec 2022 22:52:14 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 339ms
86ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=5a5312a9a7ad77d8f45f641a0e65b82b_1769_1668379934027&tm=601&eT=0&widgetWidth=282&widgetHeight=36&widgetX=209&widgetY=898&wRV=2000941&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=111&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 13 Nov 2022 22:52:14 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: 54dd287309eeacbd98dfd4c09f3b53d8
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000941/module/ 39 KB
14 KB 11ms
11ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000941/module/streamFeed.js?e=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c54402330c0262f8190d53283059c70e353d015ce371cf88411ca73d0084f029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
content-encoding: gzip
last-modified: Sun, 13 Nov 2022 08:18:49 GMT
server: AkamaiNetStorage
etag: "8a866e99b6ae575e7fbd4b845e4c0acd:1668329227.986133"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 14278
expires: Sun, 20 Nov 2022 22:52:14 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 31 KB
11 KB 245ms
244ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=2&rand=9661&key=NANOWDGT01&widgetJSId=HPC_2&va=true&et=true&format=html&t=ODY3NzQxODZlYjcxNzk4MzY2N2M3YmZhYjMyMjdkZGY=&adblck=false&abwl=false&px=535&py=3744&vpd=2544&cw=865&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000941&sig=8oBnIw85&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b0acf9cde40c08671762804c4c817176532ae3b982b076e0247c87d10cb24047

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 13 Nov 2022 22:52:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1668379934.089248,VS0,VE237
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21979-LGA, cache-fra-eddf8230040-FRA
x-traceid: a6450adc83c76dfa34a49e8aef7f10bf
accept-ranges: bytes
content-length: 10915
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 389ms
93ms Fetch
application/json 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=5a5312a9a7ad77d8f45f641a0e65b82b&pvId=86774186eb717983667c7bfab3227ddf&sid=7990615&pid=1769&idx=1&wId=132&pad=0&org=0&tm=607&eT=3&cnsnt=no_consent&wRV=2000941&pVis=0&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:14 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 01b24d0611fa00714fd70679cfb9261d
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 18 KB
6 KB 278ms
270ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPP&key=NANOWDGT01&version=2000941&apv=false&sig=8oBnIw85&format=html&rand=13237&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ODY3NzQxODZlYjcxNzk4MzY2N2M3YmZhYjMyMjdkZGY=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=3&lastCardIdx=0&fAB=11731-42692&layeredTestInfo=11731-42692-&dpr=1&cw=282&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000941/module/streamFeed.js?e=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: af255455ff4ce05ffd371984ec9f37f62623e1c834f9c9767d97fe058fccb489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 13 Nov 2022 22:52:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1668379934.133804,VS0,VE245
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21976-LGA, cache-fra-eddf8230040-FRA
x-traceid: 07b60d13f66b035bf921cc8ab9423ce8
accept-ranges: bytes
content-length: 6470
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 994E 0
15 B 8ms
8ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.walla.co.il
Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 22:52:14 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 12ms
12ms Image
image/png 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1662969049.940408"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Tue, 13 Dec 2022 22:52:14 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 115ms
98ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=7d492ae4b556f221d3242e6cec6a01eb_1769_1668379934276&tm=854&eT=0&widgetWidth=865&widgetHeight=259&widgetX=535&widgetY=3764&wRV=2000941&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=229&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 13 Nov 2022 22:52:14 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: 87eb7a2224332f98aa5303c7854667f8
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H2 200 get Show response
odb.outbrain.com/utils/ 17 KB
4 KB 114ms
114ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=3&rand=82238&key=NANOWDGT01&widgetJSId=HPC&va=true&et=true&format=html&t=ODY3NzQxODZlYjcxNzk4MzY2N2M3YmZhYjMyMjdkZGY=&adblck=false&abwl=false&px=535&py=10437&vpd=9237&cw=865&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000941&sig=8oBnIw85&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f034cc14865a8685926303db67b8de3a4b004b4dc3dcf08a33b6fa84056ad7d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 13 Nov 2022 22:52:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1668379934.344147,VS0,VE107
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21974-LGA, cache-fra-eddf8230040-FRA
x-traceid: 8e477d4c92b6d7e78cea1f2631009e60
accept-ranges: bytes
content-length: 4479
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6IjM3YzIwYjU1OTY0Yjk3NmQyOTk0OGI5NTcyYmE0ZTVhMGU4MjM0OWIyZWZiNjE1NGMwNDA5NDM2MTZhNTE5MmEiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 40 KB
40 KB 40ms
9ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM3YzIwYjU1OTY0Yjk3NmQyOTk0OGI5NTcyYmE0ZTVhMGU4MjM0OWIyZWZiNjE1NGMwNDA5NDM2MTZhNTE5MmEiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 63c0a8848708e2a2b346c095e5a14a5b8a72e8e7ffc260872caf09e83021820b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
last-modified: Fri, 11 Nov 2022 11:06:40 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2247352
access-control-allow-credentials: false
x-traceid: b138dd5dd0b382e1fbb0a2d550ed24c1
timing-allow-origin: *, *
content-length: 41006

GET
H2 200 eyJpdSI6ImNhOWQ2OTA2OGNkMDAwYzEzNjNhZGYwNTM4NDRlYzFiMjI1OWUxZThkZWJjYmZkYzBjZWRjYjRhMzY0MTQ0NjAiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 52 KB
53 KB 39ms
8ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNhOWQ2OTA2OGNkMDAwYzEzNjNhZGYwNTM4NDRlYzFiMjI1OWUxZThkZWJjYmZkYzBjZWRjYjRhMzY0MTQ0NjAiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d6c557a8122afaef8a629ccd96c56ac477d4a7bf69e297c3e75d07d8994f66fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
last-modified: Thu, 10 Nov 2022 08:55:34 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2244067
access-control-allow-credentials: false
x-traceid: e1097d1631cdbec8bf5b58e0cfdbb4a4
timing-allow-origin: *, *
content-length: 53714

GET
H2 200 eyJpdSI6IjhjODQxNTM3YzQxMTEzNmFhMjNhNzQzZTgxMjU0M2Q2NDU4MjcxMjllMTgzMDk0NWY3YzdkMzU5NmViMzBiZDkiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 69 KB
69 KB 49ms
18ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhjODQxNTM3YzQxMTEzNmFhMjNhNzQzZTgxMjU0M2Q2NDU4MjcxMjllMTgzMDk0NWY3YzdkMzU5NmViMzBiZDkiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cca0b32f84f769ebb1078ea7bf959f1b05ef05cb917f7cedb82c4fcc9c8d0b25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
last-modified: Thu, 10 Nov 2022 12:21:03 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2165324
access-control-allow-credentials: false
x-traceid: b476826227039b1cd8854419959f0409
timing-allow-origin: *, *
content-length: 70654

GET
H2 200 eyJpdSI6IjE2MThiYjQ0NGNjOTc3OTdkYzhiYTJiOWMzM2I2ZjZiM2YxYzFmYWM3ZGQzZjQ4NmJlMWEwZjFkOTQzYTFiMTgiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 51 KB
51 KB 48ms
18ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE2MThiYjQ0NGNjOTc3OTdkYzhiYTJiOWMzM2I2ZjZiM2YxYzFmYWM3ZGQzZjQ4NmJlMWEwZjFkOTQzYTFiMTgiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 65bc7c810c36904efdd6d53009e016bd571c311de3fd755dd103209a87e24691

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
last-modified: Mon, 19 Sep 2022 13:22:00 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1561749
access-control-allow-credentials: false
x-traceid: 180067646f5d56aeed9c8818d13dee26
timing-allow-origin: *, *
content-length: 52234

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2EA7 0
15 B 9ms
8ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.walla.co.il
Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 22:52:14 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000941/module/ 503 B
812 B 10ms
9ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000941/module/singleAnimationOnFeed.js?e=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cb0b05799941ef3c77be2ce04ea82e647f0fccc95dd18d4df4e834a0cc7d6e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
last-modified: Sun, 13 Nov 2022 08:18:49 GMT
server: AkamaiNetStorage
etag: "76dffd582e22cde7ed97dd4613fc0b92:1668329224.975734"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 503
expires: Sun, 20 Nov 2022 22:52:14 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 113ms
87ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=a59e2d55270d06e41eb442b5885bb2d6_1769_1668379934324&tm=911&eT=0&widgetWidth=282&widgetHeight=204&widgetX=209&widgetY=939&wRV=2000941&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=49&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 13 Nov 2022 22:52:14 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: 40f41e63ed46a9d33cd69313c743cb5f
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H2 200 eyJpdSI6ImNhOWQ2OTA2OGNkMDAwYzEzNjNhZGYwNTM4NDRlYzFiMjI1OWUxZThkZWJjYmZkYzBjZWRjYjRhMzY0MTQ0NjAiLCJ3IjozMDAsImgiOjE1NiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 21 KB
21 KB 7ms
7ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNhOWQ2OTA2OGNkMDAwYzEzNjNhZGYwNTM4NDRlYzFiMjI1OWUxZThkZWJjYmZkYzBjZWRjYjRhMzY0MTQ0NjAiLCJ3IjozMDAsImgiOjE1NiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d0714603fbece7e53541554367c06d12df953d2c33848e7a3d06686f48a4ed7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
last-modified: Thu, 10 Nov 2022 08:55:34 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2244098
access-control-allow-credentials: false
x-traceid: 5eda22b1574ed93d1a966dfc1486aa63
timing-allow-origin: *, *
content-length: 21676

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 166ms
94ms Fetch
application/json 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=a59e2d55270d06e41eb442b5885bb2d6&pvId=86774186eb717983667c7bfab3227ddf&sid=7990615&pid=1769&idx=4&wId=1515&pad=1&org=0&tm=926&eT=3&cnsnt=no_consent&wRV=2000941&pVis=1&lsd=-1&eIdx=1&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:14 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: e8b2570b344f5740e1551419b63f3b2d
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 98ms
96ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=7f47e4ead37f8f22469d5f68c3287fda_1769_1668379934404&tm=978&eT=0&widgetWidth=865&widgetHeight=44&widgetX=535&widgetY=10497&wRV=2000941&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=118&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 13 Nov 2022 22:52:14 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: fe8b0e24b0d328adf9abcd404749bb9e
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 87 KB
19 KB 904ms
904ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPC&key=NANOWDGT01&version=2000941&apv=true&sig=8oBnIw85&format=html&rand=11960&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ODY3NzQxODZlYjcxNzk4MzY2N2M3YmZhYjMyMjdkZGY=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=3&lastIdx=4&lastCardIdx=0&fAB=11741-0&layeredTestInfo=11741-0-&dpr=1&cw=865&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000941/module/streamFeed.js?e=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4a9a7089bc074e3de575d4fa4da303c389217ee00489e790706707df75cc573e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1668379934.470214,VS0,VE897
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21940-LGA, cache-fra-eddf8230040-FRA
x-traceid: d1d369ea783ae0bef3042efd8acf9be8
accept-ranges: bytes
content-length: 19735
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 262 KB
81 KB 53ms
8ms Script
text/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 13 Nov 2022 22:52:14 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 08:22:46 GMT
server: Apache
etag: "1481c32-41771-5c7110f340cdf"
vary: Accept-Encoding
content-type: text/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=171245
accept-ranges: bytes
content-length: 82748
expires: Tue, 15 Nov 2022 22:26:19 GMT

GET
H2 200 / Show response
csync.smilewanted.com/ 6 KB
2 KB 71ms
45ms Script
application/javascript 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eef3229975dcea05e62c3c6a907c2b9c50a68b07a632ce4fa232a41a0bcb1ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
cf-ray: 769b139ecf5792b4-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 100ms
44ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221113

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

832ab4929dbce699020435c37ef5886d3100fb738200c0c59f3ca229d14f8e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 28275
x-jsd-version: 1.0.1523
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230021-FRA, cache-yyz4560-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"666-z0/pNGk6ymYP7pSva8i+xpul4MQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kY6%2BcwkDG%2BSkFpHDUrs5713D2FtjrvreNoEXRCBngd0pmr%2FjNa4eKrmm9r5EP5HCZt9DeSF07mVg%2BHFS64MVEJrvLCQkBFqEBTheRAK9M8ZccgD5ymx5bkfAux%2BQAWG61hdZkPPq7H5EBluQd4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 769b139f1ff95b92-FRA

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
865 B 66ms
15ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
x-amz-version-id: 1666365882701197
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx36ec54edbeb74121a0ef5-006352b9e9
age: 189031
x-amz-id-2: tx36ec54edbeb74121a0ef5-006352b9e9
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJ2Rl1dQK2M9uDxEPcVovzhr2FGojcrcrBro%2BGzdPSMwsfYUqmkfkcAhuBH9Kxg%2B0Npvv5ht9MIvM1xZP7eRPKq7CpJP3ZK2Xejl4uWuvX4a4DSkD6VihHEG23ZQeywKVFZJN0e61d0jxJ3q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 769b139f0f529b2d-FRA

POST
H/1.1 204
No Content / Show response
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 0
145 B 69ms
13ms XHR
text/plain 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Connection: keep-alive
Access-Control-Allow-Origin: https://www.walla.co.il
Access-Control-Allow-Credentials: true

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 77ms
46ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 769b139f1fcf92b4-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 60ms
30ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 769b139f1fca92b4-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
67 B 59ms
29ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 769b139f1fcb92b4-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 66ms
37ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 769b139f1fcd92b4-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 28 KB
9 KB 196ms
148ms XHR
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-52-29-89-138.eu-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

d549a0f247629fb80d8e4294de6b875c83293d6943610c8d34bee7aa5276dc75

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 13 Nov 2022 22:52:14 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.205; 80.255.10.205; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0b7cc09e-580e-48f8-9124-50bd5af52c82
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
362 B 43ms
9ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 arj Show response
u.openx.net/w/1.0/ 73 B
378 B 52ms
19ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.walla.co.il%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=57b06fea-ec9f-41e8-9a83-a055a07c5236%2C0a017521-207b-4527-a48f-a030c633c5c0%2Cf57c8080-4935-4a52-bc30-d61c9a416dcd%2Cb17c397f-f5f0-43a7-b809-8322c256a117&nocache=1668379934544&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=120x600%2C160x600%7C300x250%7C300x250%7C300x250&divids=adSlot-2%2CadSlot-4%2CadSlot-5%2CadSlot-7&aucs=43010785%252Fwallanews%252Fmain%252Fskyscraper_desktop%2C43010785%252Fwallanews%252Fmain%252Fyad2_rectangle_desktop%2C43010785%252Fwallanews%252Fmain%252Fshopping_rectangle%2C43010785%252Fwallanews%252Fmain%252Fsport_small_rectangle_desktop&auid=544104782%2C544104782%2C544104782%2C544104782
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e39a35ba36590431b11fe5b265fd38bbf4b8406e2f900466525989b0cb1eeb84

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:14 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.walla.co.il
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
647 B 609ms
301ms XHR
application/json 63.251.14.14
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.14 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e7474d805c8999969677513acd35da220330cf836dee6589a108ab793f27f266

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 13 Nov 2022 22:52:15 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.walla.co.il
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 2 KB
1 KB 139ms
99ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=715831&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22326824f03662e2f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22domain%22%3A%22walla.co.il%22%2C%22publisher%22%3A%7B%22domain%22%3A%22walla.co.il%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A5%2C%22msi%22%3A5%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22335336bee57f9d7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%7D%7D%2C%7B%22id%22%3A%2235fc143dc40c49a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%7D%7D%2C%7B%22id%22%3A%2236f0587682d1761%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%7D%7D%2C%7B%22id%22%3A%2237bae24b6d5c0c6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valuad.io%22%2C%22sid%22%3A%2215113%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c86d50b599f6bf1f47ad7ce6e2f61b7763914637c0d6af671e8c7567c6acf021

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsAUtFV%2FgBTGzbbOjRizYp%2BbDwPrhBndO2nVN78mEj0UmG9WDqQKvdihT0E%2BtnWjaZZZQVD7MZLuJj5BkW7hfCeyhk72wLV0AfO1ri2tElJ6fd6uCPTQJvOG6FSEfvUrJy0Ytnhb"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 769b139f3d949b3d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 22 KB
7 KB 181ms
136ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F&PublisherDomain=walla.co.il

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

7ddd3c1eeaeb78cdc7c0792a53beff2545207dd79f81d24e8367f7062086ec23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 118
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
507 B 226ms
196ms XHR
application/json 52.29.89.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.89.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:14 GMT
accept-ch: sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 416 B
1 KB 183ms
83ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=57b06fea-ec9f-41e8-9a83-a055a07c5236&l_pb_bid_id=5147e924c730e11&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.5124571543174523
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e50a7da08d0e51b7ca7e62b13b6c4884966196573962f665c2ea983656bde53e

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:14 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.walla.co.il
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 416
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 402 B
1 KB 183ms
82ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=0a017521-207b-4527-a48f-a030c633c5c0&l_pb_bid_id=5212e3d8200bd18&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.8122406889540994
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c79c7617776a773ed63b5b5e1b5b41caf9d7181be9afbfe2afa531587addb6a6

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:14 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.walla.co.il
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 402
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 398 B
1 KB 203ms
102ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&tk_flint=pbjs_lite_v6.29.3&x_source.tid=f57c8080-4935-4a52-bc30-d61c9a416dcd&l_pb_bid_id=531c336c927375e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&slots=1&rand=0.23330789403794627
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1ba00324ae3050f7ba0132a6d2d328765858747680656c22c8ecbef4e108c874

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:14 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.walla.co.il
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 398
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 409 B
1 KB 183ms
82ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=b17c397f-f5f0-43a7-b809-8322c256a117&l_pb_bid_id=5496e0fb306091d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&slots=1&rand=0.37047954393134486
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: eaf6472a06baf5a01164d22bbac6b00a83d21a070ecfe4d7c3c48c6acecf770b

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:14 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.walla.co.il
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 409
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
449 B 64ms
33ms XHR
application/json 2606:4700:4400::ac40:983f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:983f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 924dbc13a71a3538cd09dce32a4567a2c6a6e4362675287b6c722991ff3c71fa

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:14 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 769b139f3fc69b74-FRA
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 118ms
59ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Sun, 13 Nov 2022 22:52:13 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 105 B
406 B 291ms
94ms XHR
application/json 54.152.232.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.232.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-232-29.compute-1.amazonaws.com
Software: /
Resource Hash: 3c60beca2ac8e2be334cbbec614ac174a027753b2b45ed4058d99325b6cfc0d7

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
x-reason: maxmind anonymous
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.walla.co.il
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 133ms
22ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:14 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 194ms
84ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:14 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 131ms
21ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:14 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 10 KB
6 KB 162ms
134ms XHR
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

5c0ad5d7c205315900700ec913fd9a6d8b5509766b9a0f3f825d2035b5eefefe

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 13 Nov 2022 22:52:14 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.205; 80.255.10.205; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 46bf93d9-de6c-490a-9b18-8f20537976e8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 203ms
95ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:13 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
562 B 200ms
93ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:14 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 189ms
83ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:14 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 227ms
97ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:13 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 73ms
26ms XHR
application/json 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=94669599421

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Nov 2022 22:52:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 83ms
19ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 54ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 60 KB
15 KB 461ms
460ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1973268937009361&correlator=1639077064793852&eid=31070836%2C44761478%2C44777900&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cnickbar_desktop%2Ctop_desktop%2Cpremium_rectangle1_desktop%2Cdontmiss_strip_desktop%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18&prev_iu_szs=1200x40%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C300x200%2C320x50%7C865x190%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&fluid=0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&adks=1750305995%2C885339185%2C2822717126%2C3185403617%2C581680297%2C3350566118%2C627877340%2C4035892786%2C2413266993%2C3423946703%2C941261747%2C3384287594%2C2655517678%2C199863102%2C41169729%2C2603141497&didk=1193244743~1193244742~1193245112~1193245117~1193245119~1193245118~2997460807~2997460804~2997460805~2997460802~2997460803~2997460800~2997460801~2997460814~2997460815~2997460812&sfv=1-0-39&ists=4095&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm2_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm4_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm5_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm6_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm7_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm8_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm9_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm10_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm11_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm12_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1668379934598&lmt=1668379934&dlt=1668379932540&idt=188&adxs=200%2C920%2C200%2C535%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800&adys=1200%2C20%2C874%2C2471%2C10690%2C10690%2C10690%2C10690%2C10690%2C10690%2C10690%2C10690%2C10690%2C10690%2C10690%2C10690&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x-1%7C1200x0%7C300x0%7C865x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&msz=1200x-1%7C480x0%7C300x0%7C865x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=644%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132&ohw=0%2C1200%2C300%2C865%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=365311471.1668379934&ga_sid=1668379935&ga_hid=1397925997&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fea2bfcf09eb19511e76c6905da2f9eb75971352743e7ee3b9c00988678e43cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14903
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame C5CE 6 KB
3 KB 69ms
15ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 22:52:14 GMT
expires: Mon, 13 Nov 2023 22:52:14 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ 48 KB
12 KB 31ms
22ms Script
application/javascript 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 281791
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 769b139fa8f492b4-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 74 KB
23 KB 40ms
18ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
x-amz-version-id: 1666365881812584
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txed51dfd210c74c41b63f8-006352b9ed
age: 2014000
x-amz-id-2: txed51dfd210c74c41b63f8-006352b9ed
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
server: cloudflare
etag: W/"c56b6332dacf72f135afcd153ae22448"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWLYXSxqVhjSbHREBceQwX9uo51CSKWCABlu1b%2BBgwTEyFc4s4CylLByFcklEjWcNZpyQ7UfEhhab0TwLE2YZxG8M3%2Bl9ZgV6U8teLp0LpzfzjkVmxUx7hbuKvBzQTZ%2Fd790pmMrjqBxmUgD"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 769b139fba5b903d-FRA
access-control-allow-headers: Authorization

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 750F 0
337 B 35ms
31ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 769b139fe97492b4-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:14 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

200

94b2f7f0d1ed9d1c82d85eabfe3cf3ec Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 3511
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/94b2f7f0d1ed9d1c82d85eabfe3cf3ec?gdpr_consent=&gdpr=0

0
452 B

31ms
31ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/94b2f7f0d1ed9d1c82d85eabfe3cf3ec?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 769b13a1bcc292b4-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:15 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Sun, 13 Nov 2022 22:52:14 GMT
Expires: Sun, 13 Nov 2022 22:52:14 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/94b2f7f0d1ed9d1c82d85eabfe3cf3ec?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1668379934936017-517

GET
H2 204 v1
match.sharethrough.com/universal/ Frame FB72 0
0 44ms
8ms Document
text/plain 3.122.48.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.48.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-48-34.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT

GET
H2

200

Jsxj7W0eTQ1MjfxOU1NK Show response
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame AD7B
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Jsxj7W0eTQ1MjfxOU1NK?pi=smilewanted&tc=1

0
387 B

26ms
26ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Jsxj7W0eTQ1MjfxOU1NK?pi=smilewanted&tc=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 769b13a0eb8892b4-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:14 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Sun, 13 Nov 2022 22:52:14 GMT Sun, 13 Nov 2022 22:52:14 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Jsxj7W0eTQ1MjfxOU1NK?pi=smilewanted&tc=1
pragma: no-cache

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame C323
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=71f50e5fc66713a52716e1e4731ef6bc

43 B
1 KB

27ms
27ms

Document
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=71f50e5fc66713a52716e1e4731ef6bc

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid: 9702daa0-905b-47c0-94d4-815f6ae00d08
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 13 Nov 2022 22:52:14 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 80.255.10.205; 80.255.10.205; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 769b13a0db6b92b4-FRA
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:14 GMT
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=71f50e5fc66713a52716e1e4731ef6bc
server: cloudflare

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 610D 1 KB
824 B 61ms
32ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 769b13a15ad791dd-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:14 GMT
server: cloudflare

GET
H/1.1

200
OK

getuid Show response
sync.smartadserver.com/ Frame 36CD
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

0
75 B

21ms
20ms

Document
text/plain

185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sun, 13 Nov 2022 22:52:14 GMT

Redirect headers

cache-control: no-cache,no-store
content-length: 0
date: Sun, 13 Nov 2022 22:52:14 GMT
location: https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame C50C 0
0 41ms
32ms Document
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 769b13a1ab3491dd-FRA
date: Sun, 13 Nov 2022 22:52:15 GMT
server: cloudflare
via: 1.1 google

GET
H2

200

6c66fe50-aaf9-4255-8c28-9847464f3b67&partner_id=1010 Show response
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 80DC
Redirect Chain

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
https://csync.smilewanted.com/set_partner_userid_get/improve/6c66fe50-aaf9-4255-8c28-9847464f3b67&partner_id=1010

0
690 B

26ms
26ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/improve/6c66fe50-aaf9-4255-8c28-9847464f3b67&partner_id=1010
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 769b13a2beb092b4-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:15 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Sun, 13 Nov 2022 22:52:15 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/improve/6c66fe50-aaf9-4255-8c28-9847464f3b67&partner_id=1010
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 434F 0
0 135ms
10ms Document
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 704c1e4d3fcc922a3031d436b584678b

GET
H3 200 container.html Show response
9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 3BAF 6 KB
3 KB 28ms
9ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 22:52:14 GMT
expires: Mon, 13 Nov 2023 22:52:14 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame ADA0 6 KB
3 KB 26ms
10ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 22:52:14 GMT
expires: Mon, 13 Nov 2023 22:52:14 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C92F 15 KB
6 KB 8ms
7ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25906
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:15 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Mon, 14 Nov 2022 06:04:01 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

GET
H2

200

Y3F1H90V5uXLOufgSEsR6AAA%265180 Show response
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 9B99
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y3F1H90V5uXLOufgSEsR6AAA%265180

0
563 B

30ms
26ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y3F1H90V5uXLOufgSEsR6AAA%265180
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 769b13a388e592b4-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:15 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 769b13a35a5f900a-FRA
content-length: 0
date: Sun, 13 Nov 2022 22:52:15 GMT
expires: 0
location: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y3F1H90V5uXLOufgSEsR6AAA%265180
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enQ8RDwMiYTc%2F6aElSC8ef0zMAtnUptkoHTE%2FZgRDDJVo3mdlVXpOjxZwMqw3SKOW56cWD%2FZyzK%2Fi06NZOo%2Fr2K4UF09HbnE9Cq%2BqkZeQZyrbntInBxEgYAifJ64GkMTsDJk22fejBHlHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

OPTIONS
H3 200 analytics
hb-dot-valuad.appspot.com/ Frame 0
0 124ms
107ms Preflight
text/html 2a00:1450:4001:828::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-request-id,x-vad-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 13 Nov 2022 22:52:15 GMT
server: Google Frontend
x-cloud-trace-context: d6447e0a5bfcd395763c85af846a2f52
x-request-id: undefined

POST
H3 200 analytics Show response
hb-dot-valuad.appspot.com/ 16 B
35 B 140ms
140ms Fetch
application/json 2a00:1450:4001:828::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type: application/json
Accept: application/json
Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
x-request-id: f1d3217a-0dd6-4e4e-93d9-979eadd7a37b
x-vad-version: 0.9.11

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
server: Google Frontend
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
x-cloud-trace-context: ff8dbfd476ba70e5ab3ef02ea82d5cd0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16
x-request-id: undefined

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 45ms
21ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 44ms
20ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 286 KB
60 KB 493ms
493ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1973268937009361&correlator=2602799423270630&eid=31070836%2C44761478%2C44777900&output=ldjh&gdfp_req=1&vrg=2022110801&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Cyad2_rectangle_desktop%2Cshopping_rectangle%2Csport_small_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6&prev_iu_szs=120x600%7C160x600%2C320x50%7C300x400%2C320x50%7C300x250%7C300x260%2C320x50%7C300x250&fluid=0%2Cheight%2Cheight%2Cheight&ifi=17&adks=2273020712%2C1194681899%2C1073900268%2C2033830821&didk=1193245113~1193245115~1193245114~1193245116&sfv=1-0-39&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.08%26vad_adid%3D95bcf06e467ff74%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D97dff18466ea64f%7Cslot_name%3Dshopping_rectangle%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dsport_small_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D94e9a8704e8b1c3&eri=1&cust_params=permutive%3D&sc=1&cookie=ID%3Df5ac536198d72633%3AT%3D1668379934%3AS%3DALNI_MZau5Nr_Gz9LozQFgn75apGGG6edg&gpic=UID%3D00000b80cd558976%3AT%3D1668379934%3ART%3D1668379934%3AS%3DALNI_MYMUO_x2lpClsLJYHii2x2IPJyzLw&abxe=1&dt=1668379935184&lmt=1668379935&dlt=1668379932540&idt=188&adxs=1480%2C200%2C200%2C200&adys=450%2C1528%2C1543%2C2260&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C15%7C16%7C17&ucis=h%7Ci%7Cj%7Ck&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C300x0%7C300x0%7C300x0&fws=132%2C132%2C132%2C132&ohw=0%2C300%2C300%2C300&psts=AMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V%2CAMjMPc1XkJAHNXt9UNW-Mep-d7_V&ga_vid=365311471.1668379934&ga_sid=1668379935&ga_hid=1397925997&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1823d702b3a26459370129291f3c702376c2759ce09ccbf0ceb43e531dd55dcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61669
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C92F 3 KB
3 KB 61ms
13ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=41690072&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 002e908d4e393cae7ff67548f8fa7141dcbcb9f20fd1c911f414bec43ed5e3e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3BAF 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQ4vWHnVxY_6QLcW89u8PkOeLiALJntKxXNWdkfdwwI23ARABIABglYKAgLgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkAxu9EQXLE-4AIAqAMBqgTtAU_QATp0zQnjBDWSqCZknBnJwfNMPaTkbapRMvEIQnwQ8vuxQZULcvAQZ7CONtR3JW5ppOv8ZsSurMG2fE5AQYOLVVDFx85GYB7wdlu34RLO5f9t8S9IxLKyQJCDPS_v-s58VWZz62tUY0lU7U-lfb1ScG6zXQjd9FR6xQHpL23cwhsr5iaNF-NZF6yBy2nHkop5p4T16468wlE_yJmRMS0NEXDHHKoHI7GfOJWf5GJEvqscIguPj6CVLDk2tN7RzwnDUzhPCCQREPyXr4Io1gYw7W8DgXqIj5cyQgVP2AC6NBH90E04PZsIIuf2feAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ5MTY1OTQ5NjM3MjE3Mhjx5hM&sigh=Da3rZ4BNX44&uach_m=[UACH]&cid=CAQSPADq26N9B5gaUusfFEWyp0NKz-568mgBIGr6I1185TKMOfG44Ol2EqcG42EVsUuXIMXFmpc5FKaOnYhioxgBIBM
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 3BAF 0
0 135ms
19ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFOv_CsoH-gGdg2ICAgAAALgRra17fPHzUwfGnGMh-yoQHXVxY4b8pXlL2-pl2IIPABIAAA&wp=Y3F1HgALSH4H_Z5FAALzkLVW9GGG_loKK3Pa_Q

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 223359
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4385 143 KB
48 KB 140ms
84ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3F1HgALSH4H_Z5FAALzkLVW9GGG_loKK3Pa_Q&u=%7CregeZsrT5kpMWftWzyRTVlCUcW%2FOWD5FyocImaWt%2FCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY38jJn1Qy5iMK1mIqGg2gyOYxfSlLeapxQMx3vCmy9UzXbjvZAPE1qkFRSbU358h2fUj6WC-tqWUSrBiNBhg4LYk1sX_DTCtCFnS6_OHLCBC_SH4NtHtiAaPIUk8aoxo7XORJBIHAVpxl_aAZ8K_0osOqwROSvsPNrBQmtpNb72Th3Gm--MGiMIp2Cn-_qTlpulcCBaN0VgL-MXd1vhJ2qoBFBP0TQe7Qd5OrYfC1bYEH2RkrpDjmJZE0SIbjFwtbhJuBsqwyo7wrbCFW2P5U2aXYIVWt_rc7m2c2h662fMg-m9r3W0H_0dYKvePInDh8fpuTnGRdpwQwlMRg-K9P6UzunIA8PFg8iM42V-V5Uszy7yuqhwEck9hXdNKldSYhHG-_MLBp3xHKUW7qAxfslK6Gc7hNu0Fx51StHO41GZwZuIwtTnYJTp1Z4paGiFb4oN4Tai-_nRLvreCtxR9RucN2HrJNzC5PkjVdeyZ_OutB21WyMxomaGdddYnNz5LcRMLsctd9mzLzys8Py46Q8YKPkl-8r2aNI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6fVYHnVxY_6QLcW89u8PkOeLiALJntKxXNWdkfdwwI23ARABIABglYKAgLgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkAxu9EQXLE-4AIAqAMBqgTwAU_QATp0zQnjBDWSqCZknBnJwfNMPaTkbapRMvEIQnwQ8vuxQZULcvAQZ7CONtR3JW5ppOv8ZsSurMG2fE5AQYOLVVDFx85GYB7wdlu34RLO5f9t8S9IxLKyQJCDPS_v-s58VWZz62tUY0lU7U-lfb1ScG6zXQjd9FR6xQHpL23cwhsr5iaNF-NZF6yBy2nHkop5p4T16468wlE_yJmRMS0NEXDHHKoHI7GfOJWf5GJEvqscIguPj6CVLDk2tN7RzwnDUzhPCCRTEt0FKA20xbms-czTvNxwhoM49A9hwIIO_CxbIvImEYONiGPlwuIZOuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0UKW4TJ9vdwvyBTlxGV0ivn9NW0Q%26client%3Dca-pub-4491659496372172%26adurl%3D

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

babb8e5c0ea2ed96868c5e04d523fcf0f17d3372358812e8d323c0e2d337b15a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 22:52:14 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=y59SUf7IxGoJ1inC0U2hvaWgeOvJCDulbBEYQ4_30qadlYJD273fKYZxz6l1ThOZVBqDmno-r4IwvIKOC-Ha3qlqsC-FavH3qnWqaBRlz3S29P9XNzBCHh18SJQglRXBw9MMQ79djYMfI0WAs2-BTXk6bQbdmWAHSZEcQhgz88ELRDCI8l3G9ZBY0UqNog5kOYI9dbIkxmPOG7R2nvLgqmIj0SXc-zGQlNOF2v0frC92QmRNJ2ZslA-rw-2fLx9EKXxn5w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 69602697
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 3BAF 3 KB
1 KB 61ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 20:05:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9985
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 20:05:50 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3D15 1 KB
1 KB 53ms
9ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 14:17:40 GMT
etag: 48472445140208031
expires: Mon, 14 Nov 2022 14:17:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 3BAF 18 KB
8 KB 51ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:46:24 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 3BAF 24 KB
8 KB 53ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 17:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7370
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Nov 2023 17:14:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BAF 154 KB
47 KB 41ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 22:52:15 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame ADA0 0
0 49ms
49ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuLr0HnVxY_-QLcW89u8PkOeLiALJntKxXL2Ol_dwwI23ARABIABglYKAgLgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkAxu9EQXLE-4AIAqAMBqgT0AU_QqysSFN8_yfsPRpnxlysj8zPHBBfhVm-R5ntxhQDDsoOxeC28FPnsmefwdAhbDtFq5Cxh12HeSt3M5Llfui7iAfQ5B1XJMzLJPFlKfl4Tf8W2ajRudFGRRsaQ05qIrCgR6-KaxxKWj7o0xIPedB-aFzBV15Gs804rxcBv9gjYfaqJ1wqhXFiJBNADnDveqqaOhandZ_YFb8axC6BPhpNpS3n0QMch633QLOzheQh8k_Omi_9aA_SzOxIirt7SnVyScqC1vQKa38gqDUjrdcspKJhlvahOOChjWclMn23vB42UYBkICrxr6vPDTYv5in4I_IDgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=_hNJbTEyPvw&uach_m=[UACH]&cid=CAQSPADq26N9B5gaUusfFEWyp0NKz-568mgBIGr6I1185TKMOfG44Ol2EqcG42EVsUuXIMXFmpc5FKaOnYhioxgBIBM
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame ADA0 0
0 129ms
19ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFJPxG6wCyAGdg2ICAgAAAI9v_qchM8M6UwfGnGMh-yoQHnVxY9BqtrUbaPK_xUrnABIAAA&wp=Y3F1HgALSH8H_Z5FAALzkAXFPp--r5xdP4HeWQ

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 251424
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 21F2 133 KB
45 KB 161ms
108ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3F1HgALSH8H_Z5FAALzkAXFPp--r5xdP4HeWQ&u=%7CregeZsrT5ko3zSaPLzIEErG%2Bfxreeatvx7jo7GsE4oc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXgOnAcNIJzBemkLk1nCYi0Ecdkmnmq4OdcX5tPMc1nU05fJtZRrIy_waR603vy4sEn2hsRaFUIfPwgfSzzUsXpzifFgyLlpEOvxx7TMqhy-QS_28sxbEy8W_H6XCQaw472sHJsliUr5W1cex371pl2nZc726_K8b2AuHQZ7FLkICdSU0lsg5gEbv--H8FTHByHP4qUq1zUNlhdD_f-rutoX8PuILguWFtEsnftuGyOO4TMtNOwUGj_q3KdLDm2wjjFkXA6505pIx609hn7y761q9QZC-jW2_p5T5dyEyomRmxJNZZCxpvg5uXLCQvjKLjfd9aJUayapl4Dm9tmrG5U8fflYGfhXpngm52wAo0kDggf1eAaiXRUjGxvmIiR0CQ2-OdobYi3OHx2xyDSRNvCpFBNDfRbk2G6DfMZdWbIC-FmRwDvmovmOzcmBdXTft73EJNHztRKcnAJQmyyJVEvevZnAx1pU4_jYhNT1JUMZUmVOWw-mqgdJb40qzmcSaC23HouQEy1bm_R_NrBOIyvMjAtXGgGrMue8wXtleiGVIRfki8arM_k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzXJCHnVxY_-QLcW89u8PkOeLiALJntKxXL2Ol_dwwI23ARABIABglYKAgLgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkAxu9EQXLE-4AIAqAMBqgT3AU_QqysSFN8_yfsPRpnxlysj8zPHBBfhVm-R5ntxhQDDsoOxeC28FPnsmefwdAhbDtFq5Cxh12HeSt3M5Llfui7iAfQ5B1XJMzLJPFlKfl4Tf8W2ajRudFGRRsaQ05qIrCgR6-KaxxKWj7o0xIPedB-aFzBV15Gs804rxcBv9gjYfaqJ1wqhXFiJBNADnDveqqaOhandZ_YFb8axC6BPhpNpS3n0QMch633QLOzheQh8k_Omi_9aA_SzOxIirt7SnVyScqC1vQKa38gqDUjrN8kIuh_qIbvxpDzAifTqZ2T7DTueTgGKvnRWTAF8U6fhD9SM7z-M2b_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3pAA3KDbw5qTP0Fl8im2ng1o0AQw%26client%3Dca-pub-4491659496372172%26adurl%3D

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e6fe2332d07fc694894b13a9672ffbbf2e49cf6f6692f687ce0b038fec1f910e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 22:52:14 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=32OmF_7IxGoJ1inCKEVNA5OfjKWjkG8eIsBvXkG8pFGXImzgiCL9U804pXZTJ-yQa57RrrdC4XnFOLzJ3tnRD7v4DBioxgQxRGgFSukRf968zVpUyE8S6LhV8H3BahCfbadDnLoXPWAV2g1djaza1h6i0TnSPJ16yDdT2m9XsNfOwxmsEt6urwkBvFf8j6aq8DnLvQKMG70DyaKRv0USETlMh93iuHJCJBX8gAytEzcBUOmmJZ3Z6RIRs_4DcMFl38SqAQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 72659976
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame ADA0 3 KB
1 KB 57ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 20:05:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9985
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 20:05:50 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 77A6 1 KB
677 B 49ms
9ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 14:17:40 GMT
etag: 48472445140208031
expires: Mon, 14 Nov 2022 14:17:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame ADA0 18 KB
7 KB 53ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:46:24 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame ADA0 24 KB
7 KB 54ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 17:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7370
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Nov 2023 17:14:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADA0 154 KB
47 KB 41ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 22:52:15 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 4B47
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&gdpr=0&gdpr_consent=

35 B
468 B

27ms
27ms

Document
image/gif

37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sun, 13 Nov 2022 22:52:15 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Sun, 13 Nov 2022 22:52:15 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 25F0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5f586371-751f-4700-b071-b7376e7f8aae&gdpr=0&gdpr_consent=

42 B
555 B

57ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5f586371-751f-4700-b071-b7376e7f8aae&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 13 Nov 2022 22:52:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sun, 13 Nov 2022 22:52:15 GMT
Expires: Sun, 13 Nov 2022 22:52:14 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4629 97bee97 master zrh-pixel-x24 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:5f586371-751f-4700-b071-b7376e7f8aae&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 04D1
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3573948873620605900

42 B
195 B

14ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3573948873620605900
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 13 Nov 2022 22:52:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3573948873620605900
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 5DEB 43 B
363 B 62ms
16ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 22:52:14 GMT
expires: Sun, 13 Nov 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 609490
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 6D9E
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

192ms
191ms

Document
image/gif

67.220.228.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 13 Nov 2022 22:52:15 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 41SMVC4GHAV6Q636P8WH

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sun, 13 Nov 2022 22:52:15 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: N5WWQBJYJ65QHPGJZ2VY

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 2B51
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9042649650226842289&gdpr=0&gdpr_consent=

42 B
446 B

66ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9042649650226842289&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 13 Nov 2022 22:52:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: a8bb231a-7675-4884-a14d-26976c45291c
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sun, 13 Nov 2022 22:52:15 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9042649650226842289&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 80.255.10.205; 80.255.10.205; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2 200 E38BD62B-5B53-45AF-9D2C-894F68FDDC16 Show response
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 1B0F 0
560 B 34ms
25ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/E38BD62B-5B53-45AF-9D2C-894F68FDDC16
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 769b13a388e092b4-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:15 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C92F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=44vWK1tTRa-dLIlPaP3cFg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

9ms
8ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=UTF-8
cache-control: max-age=25906
accept-ranges: bytes
content-length: 5549
expires: Mon, 14 Nov 2022 06:04:01 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame C92F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dd186371-7520-4900-bc44-d252a733e65b

0
260 B

78ms
19ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dd186371-7520-4900-bc44-d252a733e65b
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 13 Nov 2022 22:52:15 GMT
Server: MT3 4629 97bee97 master zrh-pixel-x7 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=dd186371-7520-4900-bc44-d252a733e65b
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 13 Nov 2022 22:52:14 GMT

GET
H2

404

gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b5caa1cfaef14769/gdpr=0/ Frame C92F
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0
https://pixel.onaudience.com/?partner=68&icm&cver&mapped=9079230091351378520&gdpr=0
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b5caa1cfaef14769/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...

49 B
266 B

106ms
31ms

Image
image/gif

3.248.128.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b5caa1cfaef14769/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 3.248.128.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-128-187.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.12.102
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b5caa1cfaef14769/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C92F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTM4QkQ2MkItNUI1My00NUFGLTlEMkMtODk0RjY4RkREQzE2&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

15ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 13 Nov 2022 22:52:14 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C92F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ7NUzoCxN9TuYNZ5WxRHmg&google_cver=1

42 B
301 B

13ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ7NUzoCxN9TuYNZ5WxRHmg&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 13 Nov 2022 22:52:14 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ7NUzoCxN9TuYNZ5WxRHmg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame C92F 43 B
610 B 66ms
17ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 12 Nov 2022 22:52:15 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C92F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9079230091351378520

42 B
218 B

13ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9079230091351378520
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 13 Nov 2022 22:52:14 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9079230091351378520
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame C92F 70 B
265 B 117ms
35ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
DATA 200
OK truncated
/ Frame 3BAF 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb9588e56e10d532987e61048412b7352d945b5d226ff370fe5003ab7e735941

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3D15 35 B
464 B 47ms
9ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI4dIWqt9yXi1PP8OpdCnSg&google_cver=1&google_push=ASkJ3FZI5Wwiuv_-Uw2gpigySw6WbLLyZwtRY_WrIK7oZLDuxakx1FFPIAyac2OS-elY0I1bFOVLiz85fewNIDBVFSf61G95SL2-

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 3D15 0
104 B 103ms
24ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEN9UmsE98Xpsnp0w0GTdxMM&google_cver=1&google_push=ASkJ3FahpzsDqq1NfjMJOC6BsiRGS8VdEq-Pl4PJlW7Iw80uBH37vBpzBVEITasXcabiXtOqmp2i8D6KrDeRJ_Inf7ty_d-NiYcI3w
Requested by: Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D15
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UHAyWG9uQ2ExT1VsUE41&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cver=1&google_push=ASkJ3FZCZRPf2Xso8UQnYxJr86cjcjPCSZ5ZydJZUmPicB4...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UHAyWG9uQ2ExT1VsUE41&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cver=1&google_push=ASkJ3FZCZRPf2Xso8UQnYxJr86cjcjPCSZ5ZydJZUmPicB4jryV3dA9L0tm2-hNRwX9YIs2Q9TSdvqKYRyrz-_W211JPMUy9pQO2CA

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:15 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0cc766d172cabf844@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UHAyWG9uQ2ExT1VsUE41&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cver=1&google_push=ASkJ3FZCZRPf2Xso8UQnYxJr86cjcjPCSZ5ZydJZUmPicB4jryV3dA9L0tm2-hNRwX9YIs2Q9TSdvqKYRyrz-_W211JPMUy9pQO2CA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D15
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEG3N7DsesKou4RjzgaRgreA&google_push=ASkJ3FZHX05Pm93x5bUEZ4_l_pEYWkc3_VDfMVVmrb8ayRyXbqfDn2b2iK...

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEG3N7DsesKou4RjzgaRgreA&google_push=ASkJ3FZHX05Pm93x5bUEZ4_l_pEYWkc3_VDfMVVmrb8ayRyXbqfDn2b2iKWsTkmHRunF3llnr-IPhRW2v393OTmCPexsi9WbzOBW

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn4064-HHN
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1668379935.418890,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEG3N7DsesKou4RjzgaRgreA&google_push=ASkJ3FZHX05Pm93x5bUEZ4_l_pEYWkc3_VDfMVVmrb8ayRyXbqfDn2b2iKWsTkmHRunF3llnr-IPhRW2v393OTmCPexsi9WbzOBW
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3D15 0
191 B 93ms
21ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEK5m17sqRqo4R3ViEjbT1WI&google_cver=1&google_push=ASkJ3Favlj9vUyT7KRcJEUZC8-Tmf0rTg1niY8y0wEgWu6RI6GaaB87zQf0gxVjHzwbT7_gsSaWyoXSNn3fblSkX_MDgLNEF5scFXw
Requested by: Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D15
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBfttD2qHBHItajdJw3CBVE&google_cver=1&google_push=ASkJ3Fae9ZUHHSRGQRd7VCXHWpMTJqwO5TXAXVCva9VjEfYOPw6x0EfVcsnvZS-dWLWPUwDivKy...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWUM0STAtSS1DQ1JZ&google_push=ASkJ3Fae9ZUHHSRGQRd7VCXHWpMTJqwO5TXAXVCva9VjEfYOPw6x0EfVcsnvZS-dWLWPUwDivKyvHB9xwnomtP5QDO4yIuMkbYYvIg

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWUM0STAtSS1DQ1JZ&google_push=ASkJ3Fae9ZUHHSRGQRd7VCXHWpMTJqwO5TXAXVCva9VjEfYOPw6x0EfVcsnvZS-dWLWPUwDivKyvHB9xwnomtP5QDO4yIuMkbYYvIg

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWUM0STAtSS1DQ1JZ&google_push=ASkJ3Fae9ZUHHSRGQRd7VCXHWpMTJqwO5TXAXVCva9VjEfYOPw6x0EfVcsnvZS-dWLWPUwDivKyvHB9xwnomtP5QDO4yIuMkbYYvIg
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D15
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FZJ98cRTiB2dntTaSyLc2pOHJJRd_Y1mhlOv9C0aWrvKgYMSkFXIP4tHs7RlFUFlJzpddxOUOLncrXyBpQ0rbL99ho6-rjwtQ&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-bd82da4f-54b3-4868-a331-5cef20af8294-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FZJ98cRTiB2dntTaSyLc...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FZJ98cRTiB2dntTaSyLc2pOHJJRd_Y1mhlOv9C0aWrvKgYMSkFXIP4tHs7RlFUFlJzpddxOUOLncrXyBpQ0rbL99ho6-rjwtQ&google_hm=A72C2k9Us0hoozFc7yCvgpQ

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FZJ98cRTiB2dntTaSyLc2pOHJJRd_Y1mhlOv9C0aWrvKgYMSkFXIP4tHs7RlFUFlJzpddxOUOLncrXyBpQ0rbL99ho6-rjwtQ&google_hm=A72C2k9Us0hoozFc7yCvgpQ

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FZJ98cRTiB2dntTaSyLc2pOHJJRd_Y1mhlOv9C0aWrvKgYMSkFXIP4tHs7RlFUFlJzpddxOUOLncrXyBpQ0rbL99ho6-rjwtQ&google_hm=A72C2k9Us0hoozFc7yCvgpQ
date: Sun, 13 Nov 2022 22:52:15 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXbd82da4f54b34868a3315cef20af8294003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3D15 0
12 B 35ms
17ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LZUxD0zH0_o3kdlhFp1voVTJX-KAInodhHnRff2huJdBh3JY8pL7qe84-PNsFhsnV5xygh

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 77A6 0
103 B 97ms
24ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEN9UmsE98Xpsnp0w0GTdxMM&google_cver=1&google_push=ASkJ3FZcUd-FoKT-uLpPw7D9Hgl19rM-2iDzSPC9IUHVYEi-FPV8NtPjYh0qhCFtNqVxjRDOpkN7RPb458SLZglCWhYLUvs7KuFQgA
Requested by: Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 77A6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEG3N7DsesKou4RjzgaRgreA&google_push=ASkJ3FbPMlN3ZZDWS7dFutbd_8EXZ7VqbpDkLcd0jLmPktoaw1fhYXGYl3...

170 B
188 B

21ms
21ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEG3N7DsesKou4RjzgaRgreA&google_push=ASkJ3FbPMlN3ZZDWS7dFutbd_8EXZ7VqbpDkLcd0jLmPktoaw1fhYXGYl3WPOMDPUFQCLnrtJJIV4O__dWEdYpC78bWGOqBgDubMQA

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn4064-HHN
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1668379935.419024,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEG3N7DsesKou4RjzgaRgreA&google_push=ASkJ3FbPMlN3ZZDWS7dFutbd_8EXZ7VqbpDkLcd0jLmPktoaw1fhYXGYl3WPOMDPUFQCLnrtJJIV4O__dWEdYpC78bWGOqBgDubMQA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 77A6 70 B
264 B 37ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMsXX5sAchFnlW20GXwC4BA&google_cver=1&google_push=ASkJ3FZw-6J9Ek3q97Cigx0Y_GBE5OoxH3ivZiIE-td0De6iiVQn3STHv409wt8NYBZG5h4XvsJ1J3VMcP8_EhRqtJ5cP0XMXgtAog
Requested by: Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 77A6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=44vWK1tTRa-dLIlPaP3cFg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=44vWK1tTRa-dLIlPaP3cFg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Fb2G5KEWyW-OXq0NxUQDMBBL1JdtBseaxnKuQFVrKps1GwX4sSUS9n4O1AfAPt69UvdALitnKHb3Sq6S1BVNega7ILe8Qeh

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=44vWK1tTRa-dLIlPaP3cFg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Fb2G5KEWyW-OXq0NxUQDMBBL1JdtBseaxnKuQFVrKps1GwX4sSUS9n4O1AfAPt69UvdALitnKHb3Sq6S1BVNega7ILe8Qeh
date: Sun, 13 Nov 2022 22:52:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 77A6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBfttD2qHBHItajdJw3CBVE&google_cver=1&google_push=ASkJ3FboaGm038WMNGNlgaHxtbELD91n9U7d12ujbWhXMPb9GjaNYy1RIpWqqHDEIb2LcnqWT2w...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWUM0STAtSS1DQ1JZ&google_push=ASkJ3FboaGm038WMNGNlgaHxtbELD91n9U7d12ujbWhXMPb9GjaNYy1RIpWqqHDEIb2LcnqWT2wT2nRepq1TVuRkTuGsT-03_mqh

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWUM0STAtSS1DQ1JZ&google_push=ASkJ3FboaGm038WMNGNlgaHxtbELD91n9U7d12ujbWhXMPb9GjaNYy1RIpWqqHDEIb2LcnqWT2wT2nRepq1TVuRkTuGsT-03_mqh

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWUM0STAtSS1DQ1JZ&google_push=ASkJ3FboaGm038WMNGNlgaHxtbELD91n9U7d12ujbWhXMPb9GjaNYy1RIpWqqHDEIb2LcnqWT2wT2nRepq1TVuRkTuGsT-03_mqh
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 77A6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFNVtrt12G7OXtd3lwKdcJI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFNVtrt12G7OXtd3lwKdcJI&google_hm=Y3F1H90V5uXLOufgSEsR6AAAFDwAAAAB&google_nid=index&google_push=ASkJ3Fb3wllw2f1fM6qeNscsGJCGoEWZ2YiPA...

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFNVtrt12G7OXtd3lwKdcJI&google_hm=Y3F1H90V5uXLOufgSEsR6AAAFDwAAAAB&google_nid=index&google_push=ASkJ3Fb3wllw2f1fM6qeNscsGJCGoEWZ2YiPAL9cbiOQzSV_zlqwE_RCPRevfgJ3Y3tgNDTGkr63xwYGo7GI9YDgyvgQc_BtXk37

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arNcFjqV0TP0NEtLfdndhx0cdFQfqIT9FgVa3XFhJ5ipizchohvNTpZKLgHYpqOjYmBA6fNmEGUrcQ94chpU6BrNzGrUta3q2b12LDyjZ8KuuLiLJKOaaUEN98%2BXacYdUHjeCOTKcwzV1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFNVtrt12G7OXtd3lwKdcJI&google_hm=Y3F1H90V5uXLOufgSEsR6AAAFDwAAAAB&google_nid=index&google_push=ASkJ3Fb3wllw2f1fM6qeNscsGJCGoEWZ2YiPAL9cbiOQzSV_zlqwE_RCPRevfgJ3Y3tgNDTGkr63xwYGo7GI9YDgyvgQc_BtXk37
cache-control: no-cache
cf-ray: 769b13a41b3c900a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 77A6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBDfS_o8r--efTeHc4yeJBw&google_cver=1&google_push=ASkJ3FYyimw36bt6P4whse8XLe5lJdr81b711oKtWnrnma7jESkh8nWbJHYTMHlH1LhLeoNckf...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBDfS_o8r--efTeHc4yeJBw&google_cver=1&google_push=ASkJ3FYyimw36bt6P4whse8XLe5lJdr81b711oKtWnrnma7jESkh8nWbJHYTMHlH1LhLeoNckf...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hRF9pSmtwRTJ1R19NeWFQdGlOM2tkd3NmNXVCSE9lMH5B&google_push=ASkJ3FYyimw36bt6P4whse8XLe5lJdr81b711oKtWnrnma7jESkh8nWbJ...

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hRF9pSmtwRTJ1R19NeWFQdGlOM2tkd3NmNXVCSE9lMH5B&google_push=ASkJ3FYyimw36bt6P4whse8XLe5lJdr81b711oKtWnrnma7jESkh8nWbJHYTMHlH1LhLeoNckfgCFkcVX7NxSrxjNwfz5kM0s5u31A

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1hRF9pSmtwRTJ1R19NeWFQdGlOM2tkd3NmNXVCSE9lMH5B&google_push=ASkJ3FYyimw36bt6P4whse8XLe5lJdr81b711oKtWnrnma7jESkh8nWbJHYTMHlH1LhLeoNckfgCFkcVX7NxSrxjNwfz5kM0s5u31A
date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 77A6 0
12 B 26ms
15ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LgAzCt96SitvpPvbY1y7fzcs6Jep3Fnvl4w90jrNuYff3_49i_cUhUNXkFmSI_wC7iM-8qsQ

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame ADA0 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d726b83bfad9726abc08408a70f18abcb84f508c4aa14f8d19747b4ee0fabebc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4385 2 KB
1 KB 77ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3F1HgALSH4H_Z5FAALzkLVW9GGG_loKK3Pa_Q&u=%7CregeZsrT5kpMWftWzyRTVlCUcW%2FOWD5FyocImaWt%2FCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY38jJn1Qy5iMK1mIqGg2gyOYxfSlLeapxQMx3vCmy9UzXbjvZAPE1qkFRSbU358h2fUj6WC-tqWUSrBiNBhg4LYk1sX_DTCtCFnS6_OHLCBC_SH4NtHtiAaPIUk8aoxo7XORJBIHAVpxl_aAZ8K_0osOqwROSvsPNrBQmtpNb72Th3Gm--MGiMIp2Cn-_qTlpulcCBaN0VgL-MXd1vhJ2qoBFBP0TQe7Qd5OrYfC1bYEH2RkrpDjmJZE0SIbjFwtbhJuBsqwyo7wrbCFW2P5U2aXYIVWt_rc7m2c2h662fMg-m9r3W0H_0dYKvePInDh8fpuTnGRdpwQwlMRg-K9P6UzunIA8PFg8iM42V-V5Uszy7yuqhwEck9hXdNKldSYhHG-_MLBp3xHKUW7qAxfslK6Gc7hNu0Fx51StHO41GZwZuIwtTnYJTp1Z4paGiFb4oN4Tai-_nRLvreCtxR9RucN2HrJNzC5PkjVdeyZ_OutB21WyMxomaGdddYnNz5LcRMLsctd9mzLzys8Py46Q8YKPkl-8r2aNI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6fVYHnVxY_6QLcW89u8PkOeLiALJntKxXNWdkfdwwI23ARABIABglYKAgLgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkAxu9EQXLE-4AIAqAMBqgTwAU_QATp0zQnjBDWSqCZknBnJwfNMPaTkbapRMvEIQnwQ8vuxQZULcvAQZ7CONtR3JW5ppOv8ZsSurMG2fE5AQYOLVVDFx85GYB7wdlu34RLO5f9t8S9IxLKyQJCDPS_v-s58VWZz62tUY0lU7U-lfb1ScG6zXQjd9FR6xQHpL23cwhsr5iaNF-NZF6yBy2nHkop5p4T16468wlE_yJmRMS0NEXDHHKoHI7GfOJWf5GJEvqscIguPj6CVLDk2tN7RzwnDUzhPCCRTEt0FKA20xbms-czTvNxwhoM49A9hwIIO_CxbIvImEYONiGPlwuIZOuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0UKW4TJ9vdwvyBTlxGV0ivn9NW0Q%26client%3Dca-pub-4491659496372172%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:52:15 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4385 2 KB
1 KB 78ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:52:15 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4385 308 B
636 B 38ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 08 Nov 2023 22:52:15 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4385 293 B
621 B 38ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 08 Nov 2023 22:52:15 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 4385 43 B
347 B 64ms
15ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=df6KFqakDsbZ4BraU9MWJoTlYqCaSRoW-b-ccSGK0NP8_Xo5Mo1dNCF_bI7IiHOE52usLWbE8E-NiiF55H_l3qwPg6S01kvAIeXwkqOqaO-Bu_HbjQ-QLOy_9ExCPKHwn81dYmLNzAVpwWZivdTLX2t2A-L988L1hHyIJhW31R878Kr_N_Wq0_zEZ6kZ-lDQb45G2WHoOcrSV_4J61wVCkoupcdjxCIRlKQynHBPU0lHNnalyMf5yvhN7veCSA9vq3S-w8t9BviaQKZXpkuBJjdlFqfnzNQWZ2naygkOCfU0sJL7bp8vOT5CIqh1GuZ9M66lOlQmNAQDpa-JLxIB1Nd3EkBGLQsAwimKZ7_keHOL0qJmSiJuCABwJduZcS4nGNHJ6NjddCVpjXkkC1lic23b_g6j3DqHrF-FzgU1c8RrU-ri

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2222284
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 4385 44 B
753 B 142ms
101ms Image
image/gif 2600:9000:223c:5800:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1668379934
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3F1HgALSH4H_Z5FAALzkLVW9GGG_loKK3Pa_Q&u=%7CregeZsrT5kpMWftWzyRTVlCUcW%2FOWD5FyocImaWt%2FCM%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZerJzy_6TFTHF5JbF2F7hfY38jJn1Qy5iMK1mIqGg2gyOYxfSlLeapxQMx3vCmy9UzXbjvZAPE1qkFRSbU358h2fUj6WC-tqWUSrBiNBhg4LYk1sX_DTCtCFnS6_OHLCBC_SH4NtHtiAaPIUk8aoxo7XORJBIHAVpxl_aAZ8K_0osOqwROSvsPNrBQmtpNb72Th3Gm--MGiMIp2Cn-_qTlpulcCBaN0VgL-MXd1vhJ2qoBFBP0TQe7Qd5OrYfC1bYEH2RkrpDjmJZE0SIbjFwtbhJuBsqwyo7wrbCFW2P5U2aXYIVWt_rc7m2c2h662fMg-m9r3W0H_0dYKvePInDh8fpuTnGRdpwQwlMRg-K9P6UzunIA8PFg8iM42V-V5Uszy7yuqhwEck9hXdNKldSYhHG-_MLBp3xHKUW7qAxfslK6Gc7hNu0Fx51StHO41GZwZuIwtTnYJTp1Z4paGiFb4oN4Tai-_nRLvreCtxR9RucN2HrJNzC5PkjVdeyZ_OutB21WyMxomaGdddYnNz5LcRMLsctd9mzLzys8Py46Q8YKPkl-8r2aNI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6fVYHnVxY_6QLcW89u8PkOeLiALJntKxXNWdkfdwwI23ARABIABglYKAgLgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkAxu9EQXLE-4AIAqAMBqgTwAU_QATp0zQnjBDWSqCZknBnJwfNMPaTkbapRMvEIQnwQ8vuxQZULcvAQZ7CONtR3JW5ppOv8ZsSurMG2fE5AQYOLVVDFx85GYB7wdlu34RLO5f9t8S9IxLKyQJCDPS_v-s58VWZz62tUY0lU7U-lfb1ScG6zXQjd9FR6xQHpL23cwhsr5iaNF-NZF6yBy2nHkop5p4T16468wlE_yJmRMS0NEXDHHKoHI7GfOJWf5GJEvqscIguPj6CVLDk2tN7RzwnDUzhPCCRTEt0FKA20xbms-czTvNxwhoM49A9hwIIO_CxbIvImEYONiGPlwuIZOuAEAYAGx83PmN-e7an5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0UKW4TJ9vdwvyBTlxGV0ivn9NW0Q%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: NpN1hVTW4U78H95b2VR_zSX-EWL1qcw_iZrhqrK8o4Ah_jdtCB4h7A==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 21F2 2 KB
1 KB 58ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3F1HgALSH8H_Z5FAALzkAXFPp--r5xdP4HeWQ&u=%7CregeZsrT5ko3zSaPLzIEErG%2Bfxreeatvx7jo7GsE4oc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXgOnAcNIJzBemkLk1nCYi0Ecdkmnmq4OdcX5tPMc1nU05fJtZRrIy_waR603vy4sEn2hsRaFUIfPwgfSzzUsXpzifFgyLlpEOvxx7TMqhy-QS_28sxbEy8W_H6XCQaw472sHJsliUr5W1cex371pl2nZc726_K8b2AuHQZ7FLkICdSU0lsg5gEbv--H8FTHByHP4qUq1zUNlhdD_f-rutoX8PuILguWFtEsnftuGyOO4TMtNOwUGj_q3KdLDm2wjjFkXA6505pIx609hn7y761q9QZC-jW2_p5T5dyEyomRmxJNZZCxpvg5uXLCQvjKLjfd9aJUayapl4Dm9tmrG5U8fflYGfhXpngm52wAo0kDggf1eAaiXRUjGxvmIiR0CQ2-OdobYi3OHx2xyDSRNvCpFBNDfRbk2G6DfMZdWbIC-FmRwDvmovmOzcmBdXTft73EJNHztRKcnAJQmyyJVEvevZnAx1pU4_jYhNT1JUMZUmVOWw-mqgdJb40qzmcSaC23HouQEy1bm_R_NrBOIyvMjAtXGgGrMue8wXtleiGVIRfki8arM_k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzXJCHnVxY_-QLcW89u8PkOeLiALJntKxXL2Ol_dwwI23ARABIABglYKAgLgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkAxu9EQXLE-4AIAqAMBqgT3AU_QqysSFN8_yfsPRpnxlysj8zPHBBfhVm-R5ntxhQDDsoOxeC28FPnsmefwdAhbDtFq5Cxh12HeSt3M5Llfui7iAfQ5B1XJMzLJPFlKfl4Tf8W2ajRudFGRRsaQ05qIrCgR6-KaxxKWj7o0xIPedB-aFzBV15Gs804rxcBv9gjYfaqJ1wqhXFiJBNADnDveqqaOhandZ_YFb8axC6BPhpNpS3n0QMch633QLOzheQh8k_Omi_9aA_SzOxIirt7SnVyScqC1vQKa38gqDUjrN8kIuh_qIbvxpDzAifTqZ2T7DTueTgGKvnRWTAF8U6fhD9SM7z-M2b_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3pAA3KDbw5qTP0Fl8im2ng1o0AQw%26client%3Dca-pub-4491659496372172%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:52:15 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 21F2 2 KB
1 KB 65ms
24ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:52:15 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 21F2 308 B
636 B 36ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 08 Nov 2023 22:52:15 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 21F2 293 B
621 B 32ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 08 Nov 2023 22:52:15 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 21F2 43 B
348 B 59ms
15ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=3N8MWiF2bVG4jTuYXFWpuO2vew54D0xc2tVgoKZI-2ZHdbtdnSPu8-37KVeeKlCOPjb19_aMiHDomOUvKMUwO_61CdBDpTCz9hAU8DTEreKxv_fjMCzwMuVrCLhqyUueZOp9Hh1ifumzp-xVzWcAa9wDIDY-M3ofkhREzw2XEj8xX_SdqkvRU2oVCMYOFIy3E9QTO1524kNl608u8KmqBixvSDSuzifVv6RlD0NH76-F8SkwLRg8QDr8AVC_s9k1ZM7OpmtsY2B81AKxckXZDPDzEN1cuEgvrP6CuTlzxWHhdknUCHNKeEEE_x5__ADlnJo9Iua37sMZKBYYHhBTslvFGtziuSl-smpzHVWgsaZKqjF8ouv2DBhoFbi8vwrmMmOB6ErMwR6k0Zm1xfmPe6a-CvooCvLL5tg3XH1zcrc-82uE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1935232
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 21F2 44 B
752 B 138ms
101ms Image
image/gif 2600:9000:223c:5800:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1668379934
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3F1HgALSH8H_Z5FAALzkAXFPp--r5xdP4HeWQ&u=%7CregeZsrT5ko3zSaPLzIEErG%2Bfxreeatvx7jo7GsE4oc%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXgOnAcNIJzBemkLk1nCYi0Ecdkmnmq4OdcX5tPMc1nU05fJtZRrIy_waR603vy4sEn2hsRaFUIfPwgfSzzUsXpzifFgyLlpEOvxx7TMqhy-QS_28sxbEy8W_H6XCQaw472sHJsliUr5W1cex371pl2nZc726_K8b2AuHQZ7FLkICdSU0lsg5gEbv--H8FTHByHP4qUq1zUNlhdD_f-rutoX8PuILguWFtEsnftuGyOO4TMtNOwUGj_q3KdLDm2wjjFkXA6505pIx609hn7y761q9QZC-jW2_p5T5dyEyomRmxJNZZCxpvg5uXLCQvjKLjfd9aJUayapl4Dm9tmrG5U8fflYGfhXpngm52wAo0kDggf1eAaiXRUjGxvmIiR0CQ2-OdobYi3OHx2xyDSRNvCpFBNDfRbk2G6DfMZdWbIC-FmRwDvmovmOzcmBdXTft73EJNHztRKcnAJQmyyJVEvevZnAx1pU4_jYhNT1JUMZUmVOWw-mqgdJb40qzmcSaC23HouQEy1bm_R_NrBOIyvMjAtXGgGrMue8wXtleiGVIRfki8arM_k&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzXJCHnVxY_-QLcW89u8PkOeLiALJntKxXL2Ol_dwwI23ARABIABglYKAgLgHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkAxu9EQXLE-4AIAqAMBqgT3AU_QqysSFN8_yfsPRpnxlysj8zPHBBfhVm-R5ntxhQDDsoOxeC28FPnsmefwdAhbDtFq5Cxh12HeSt3M5Llfui7iAfQ5B1XJMzLJPFlKfl4Tf8W2ajRudFGRRsaQ05qIrCgR6-KaxxKWj7o0xIPedB-aFzBV15Gs804rxcBv9gjYfaqJ1wqhXFiJBNADnDveqqaOhandZ_YFb8axC6BPhpNpS3n0QMch633QLOzheQh8k_Omi_9aA_SzOxIirt7SnVyScqC1vQKa38gqDUjrN8kIuh_qIbvxpDzAifTqZ2T7DTueTgGKvnRWTAF8U6fhD9SM7z-M2b_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3pAA3KDbw5qTP0Fl8im2ng1o0AQw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: YqvSOhb4e4LWvKDYt84LqLZU2SOg1fNaqdiLW2deK6UuKIW5yEcXPg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 97ms
97ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=97257b769f8f61d4547830db45217541_1769_1668379934755&tm=2015&eT=0&widgetWidth=865&widgetHeight=99&widgetX=535&widgetY=10706&wRV=2000941&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1027&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 13 Nov 2022 22:52:15 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: b121d3917dd7d22b2c45d79816a2ca41
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 87ms
87ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=6a694d0a10a187dfff987a1ea6a62ed8_1769_1668379935012&tm=2044&eT=0&widgetWidth=865&widgetHeight=143&widgetX=535&widgetY=10828&wRV=2000941&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1027&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 13 Nov 2022 22:52:15 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: f239daf3106df9a3367ad72137cc77e7
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 87ms
87ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=10d403b65d821a10983669423425dd31_1769_1668379935259&tm=2045&eT=0&widgetWidth=865&widgetHeight=99&widgetX=535&widgetY=10995&wRV=2000941&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1027&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 13 Nov 2022 22:52:15 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: 18e63199b4348055c4232d6a0a483990
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 86ms
86ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=f71a4caf317fdaec73174697d11a1092_1769_1668379935311&tm=2046&eT=0&widgetWidth=865&widgetHeight=97&widgetX=535&widgetY=11117&wRV=2000941&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1027&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 13 Nov 2022 22:52:15 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: 06c309301672fabe19b834e399aa77e9
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4385 12 KB
6 KB 19ms
19ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:52:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4385 15 KB
15 KB 88ms
29ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=356&s=asWaolQOjjDK27LiybcVbk63

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

22c8728d566763a64d50a672a2c504875bc39ebba29713ecd97332ca6bf163bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30883146
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14940
expires: Mon, 06 Nov 2023 09:31:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4385 2 KB
2 KB 92ms
34ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoAmazon-Workforce-Staffing-245849DE-2005201401.gif%3Feb%3D1&v=3&w=400&s=S8H46qf3EvuvyZds2gfujwsz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d530eb650281c426cb8d0c8d602cffe1a63b732b9b4d93e33aaf0340896e3024

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=54408
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1902
expires: Mon, 14 Nov 2022 13:59:03 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4385 2 KB
2 KB 92ms
33ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=432777
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1584
expires: Fri, 18 Nov 2022 23:05:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4385 2 KB
2 KB 100ms
42ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoAKKA-GmbH-Co-KGaA-59067DE.gif%3Feb%3D1&v=3&w=400&s=i2ni9rTRSIHCfm6b7UIKmRV_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

57549ec703978f56ade3a8f4892ab24cdd4c9e65ae886de5e70e3551fb2e1051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2277094
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1956
expires: Sat, 10 Dec 2022 07:23:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4385 3 KB
3 KB 91ms
33ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F8%2FlogoSopra-Steria-3313DE-2001021046.gif%3Feb%3D1&v=3&w=400&s=QbRhpElh7l4tC5hI8yeB5Vuq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f5c7d13b481be5ce3e8bff9dc5793440e504497d27883889e07a6415de645a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2158239
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2828
expires: Thu, 08 Dec 2022 22:22:54 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4385 0
128 B 63ms
13ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=y59SUf7IxGoJ1inC0U2hvaWgeOvJCDulbBEYQ4_30qadlYJD273fKYZxz6l1ThOZVBqDmno-r4IwvIKOC-Ha3qlqsC-FavH3qnWqaBRlz3S29P9XNzBCHh18SJQglRXBw9MMQ79djYMfI0WAs2-BTXk6bQbdmWAHSZEcQhgz88ELRDCI8l3G9ZBY0UqNog5kOYI9dbIkxmPOG7R2nvLgqmIj0SXc-zGQlNOF2v0frC92QmRNJ2ZslA-rw-2fLx9EKXxn5w&sds=2&rev=83376.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4385 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:52:15 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4385 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:52:15 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 21F2 12 KB
6 KB 27ms
27ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:52:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 21F2 19 KB
20 KB 73ms
35ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=96&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=596&s=45clepS8yrkQyPzlt9DilbEt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

077deca4d6403481d09410f5975dba17e496fc18fb1af7eb875c53c404a757ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30883146
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19853
expires: Mon, 06 Nov 2023 09:31:21 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 21F2 0
127 B 42ms
13ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=32OmF_7IxGoJ1inCKEVNA5OfjKWjkG8eIsBvXkG8pFGXImzgiCL9U804pXZTJ-yQa57RrrdC4XnFOLzJ3tnRD7v4DBioxgQxRGgFSukRf968zVpUyE8S6LhV8H3BahCfbadDnLoXPWAV2g1djaza1h6i0TnSPJ16yDdT2m9XsNfOwxmsEt6urwkBvFf8j6aq8DnLvQKMG70DyaKRv0USETlMh93iuHJCJBX8gAytEzcBUOmmJZ3Z6RIRs_4DcMFl38SqAQ&sds=2&rev=83376.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 21F2 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:52:15 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 21F2 2 KB
1 KB 20ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:52:15 GMT

GET
H3 200 container.html Show response
9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 12EC 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 22:52:14 GMT
expires: Mon, 13 Nov 2023 22:52:14 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 4B05 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 22:52:14 GMT
expires: Mon, 13 Nov 2023 22:52:14 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 1EB1 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 22:52:14 GMT
expires: Mon, 13 Nov 2023 22:52:14 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012210191347000/ Frame 2272 221 KB
61 KB 65ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a79519048901b32cc426ca69b2e305b5644bcd0373f21995c27d19997e627c04

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 08 Nov 2022 20:01:27 GMT
age: 442248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61564
x-xss-protection: 0
server: sffe
etag: "84cdcac007f64412"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Nov 2023 20:01:27 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 2272 14 KB
5 KB 80ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f453198755f824befcfa757be6d917efd740f6c19270fbe4f8d98353517f8dc8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 07 Nov 2022 17:11:32 GMT
age: 538843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5198
x-xss-protection: 0
server: sffe
etag: "aeb1502543fb438c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 Nov 2023 17:11:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 2272 94 KB
28 KB 81ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffc33071954215c38304ae191ecb45e2c03e1e7f40e758dd2f944889b92e5f76

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 08 Nov 2022 19:14:37 GMT
age: 445058
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28845
x-xss-protection: 0
server: sffe
etag: "fdb7364f8f067758"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Nov 2023 19:14:37 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 2272 5 KB
2 KB 82ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfdcc3eaa2c1649211030b5caa1e03a40a1299dc5fac7ca8d57144d56fb9afc5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 11 Nov 2022 00:34:20 GMT
age: 253075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1912
x-xss-protection: 0
server: sffe
etag: "9f4a70ec77acc0d1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 11 Nov 2023 00:34:20 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012210191347000/v0/ Frame 2272 40 KB
13 KB 82ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e9ab8899832043bf5aa1f2c07cc6222bbf3dd450c4311bbbae045c37e8eb420

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 10 Nov 2022 08:14:54 GMT
age: 311841
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "2923b90bb7365105"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 10 Nov 2023 08:14:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2272 6 KB
1 KB 47ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 21:57:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Nov 2022 22:52:15 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2272 0
0 53ms
53ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUgC4H3VxY5XoEN2H9u8PoKWSwAzY2eyebamKta_qEPrgv6DUARABINGTwypglYKAgLgHoAG0m5vBAsgBBqkCQDG70RBcsT7gAgCoAwHIAwqqBOkBT9Cou56XIyD1XeVBwfMRcWSrGO1lpF58tvhQ7k0d0xGJo2p_Wuh7tfO72KbnpekVSpcig5rO1qcSFosXMz3RIXsmfyb3RQRx3RNWMp3lhjRFY43CPuRCgqya-5DjjtRum5LggO8BMBHyDVkNV7Yt5Wc0iEVnqnurn_hmMC-_4rtUL39teFJm8bMZTM9tH7XkbpGw8L3ET0Lk-O75HSfIoP8pWDzyGZVxVg_Og8NR-lh6vtADBUZwU5CSQQDKWVDYVJFD5PuM6X12y_g8SVf92R3N1KwQpmJyFfDAmCl6XTjFRk1rSqgM32vABM3ezJv1A-AEAZIFBAgEGAGSBQQIBRgEoAY3gAfm54g3qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ0-UG0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwvQFQGAFwGyFx4KHAgAEhRwdWItNDQ5MTY1OTQ5NjM3MjE3Mhjx5hM&sigh=0CH8N5RE0KI&uach_m=[UACH]&cid=CAQSPADq26N9sAK5otwGSRVHI6E0BcZPCZpimb6livMl-zB3fKISo7FGc4mdibWUhq0qeSYSwcijnBTTg8qe5RgBIBM&template_id=492
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2272 0
0 17ms
15ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUugjFDc_T8cF4Vs6B3DxMRA7uyhmkPbf7SnZyPcqO2MK49fxlNtQFCit2YCCSdbudobhzybSBHr5KNsheTQlDlbp9Qw
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2272 3 KB
3 KB 37ms
10ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/iw.png

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 21:41:50 GMT
x-content-type-options: nosniff
server: cafe
age: 4225
etag: 415739381108731362
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2712
x-xss-protection: 0
expires: Mon, 14 Nov 2022 21:41:50 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2272 344 B
368 B 35ms
9ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 10:22:22 GMT
x-content-type-options: nosniff
server: cafe
age: 44993
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 14 Nov 2022 10:22:22 GMT

GET
DATA 200
OK truncated
/ Frame 2272 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f7476cd169fda507ff9fd478b4870f63b07560036b16d712b4915e8cab70768

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 events Show response
khn.crowdad.io/ 0
104 B 30ms
30ms XHR
text/plain 52.208.146.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/events
Requested by: Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.146.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-146-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Sun, 13 Nov 2022 22:52:15 GMT
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 events
khn.crowdad.io/ Frame 0
0 36ms
29ms Preflight 52.208.146.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.146.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-146-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.walla.co.il
content-length: 0
date: Sun, 13 Nov 2022 22:52:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 12EC 3 KB
601 B 59ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 21:08:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Nov 2022 22:52:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 12EC 2 KB
765 B 30ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:42:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:42:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 12EC 0
0 86ms
63ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-ujTH3VxY5PoEN2H9u8PoKWSwAzcxbaDaa6_xbemDabgz820EBABINGTwypglYKAgLgHoAGwuqHXA8gBCakCQDG70RBcsT7gAgCoAwHIA8sEqgTjAU_Qveece5OrJonE2x7tDv3VBUKd3IEIvKtuIsgS-Kotb2mOMSAmGo-WR_PpPLdfY3RZWhPSdJEQDDgurEtgC05zaSOid0q6SHVKWxlhVsdAw3bk-cEWFjpXMc1oZCwfQhoYOQG2jh7Luv5ISC8wt_rxdMUpRbtfEg2wzBNJwGe-RiJwuHmzrYCR0YRKAPG-0Rmpoxb1NWfb6LyVjdm44AeaRH4G59nsA8OJ5sLxlde3ZfS-bW9qfn1Gk3GO6rm-EuHXxfPQSynO6csLNfZ0bM2ACLCp366kZVPczFian2frE8kmwATxqf3kogPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHv9m9YKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCDsAvSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=LKEimHXOSQo&uach_m=[UACH]&cid=CAQSPADq26N9sAK5otwGSRVHI6E0BcZPCZpimb6livMl-zB3fKISo7FGc4mdibWUhq0qeSYSwcijnBTTg8qe5RgBIBM&template_id=494
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame 12EC 23 KB
9 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite_fy2021.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 17:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9394538439156335931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 17:15:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 12EC 3 KB
1 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 20:05:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9985
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 20:05:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 12EC 18 KB
7 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:46:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 12EC 0
0 38ms
16ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlrB5MYMrgU0uDQbTb8gQAFE3txloiKgiFuTaGn9NB3gdVdk6iJ3QCcR3WiSwCPZi9Fpa0tm_Oeff91yXLAdjeo41DSQ
Requested by: Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12EC 154 KB
47 KB 57ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 22:52:15 GMT

GET
H2 200 0d3fd3b530a886383bd6b91513e5ed38.js Show response
www.gstatic.com/mysidia/ Frame 12EC 34 KB
14 KB 65ms
6ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 20:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 20:40:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 20:20:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4B05 0
0 77ms
62ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzCzSH3VxY5ToEN2H9u8PoKWSwAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJAMbvREFyxPuACAKgDAaoE9gFP0CE2KakjfGilvBtAcfmOEKr9qmBC9rf2mj1JSDEXFGgtfXBg9f0d2FskXydJS5pi1mp8g7QMiNCyMhNfjICRqiAQDUq96EiD9m98bn3CYW4khVR2PvweixhT6g63-HGa45RbGqXC9vtaxx_oTq4V7eUIfGLyBRZBPiu5jFG2sQKRGr5MHJPQtKbBfiy9UThfI1UQSYY84aD3pp6giGNeCArx0JXu1AWETyKJRO_pQ_wUmgorbcFvkqo6woXJ0JFi1f07Pr5_ycHJVM-xWdvj5b5N2P5Raklk17PejjWMmRJtYomtsHYi3GjEfl6QSnSzFek90DHgBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=e6gAHsr6EuM&uach_m=[UACH]&cid=CAQSPADq26N9sAK5otwGSRVHI6E0BcZPCZpimb6livMl-zB3fKISo7FGc4mdibWUhq0qeSYSwcijnBTTg8qe5RgBIBM
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 4B05 0
0 103ms
10ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFLr5RKwCkAOdg2ICAgAAAI9v_qchM8M6UwfGnGMh-yoQHnVxY1znORkaQQ7U3sbYABIAAA&wp=Y3F1HwAENBQH_YPdAASSoNboJ_9sDn1pxDhqnw

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 431253
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C2B3 164 KB
51 KB 106ms
88ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3F1HwAENBQH_YPdAASSoNboJ_9sDn1pxDhqnw&u=%7C3vrEEgWMN1D0hfkP9qZUembz1nI8k5a0JvEjX540iUs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg1ZRHPrvLN9-iyaovhTne2v1w80ecoBnMoeTA5d0vOoPJ1vrt91mt5f1C5-nRsylZHohtiOByBwJoYFYFDAhSfIIN6F8BTAKPegJbR4T1ElPrYXLQIMcZb2SrVbBukENMSEWMSn0uamxGoScNSLNMN0Mb0UHNjyDoi7jxOnT6R3v5xayUIeMjVeO6SLtABPsyAfzSHVB4aggru7Pp0I-FjaVngiCqrtNqfgs9z4hosMwq8T-tb6l5n0GXR2b-yNsY9ISDzJ1XgJu0bSHZv8ENdJbVd93EKyfysc-3EsHYuWmUs_chQjvGMB1aMHtuZwojVSkdX1UANomwW_rr6xp-uLoAW5WfbqFx7rjgm8nqD0JPzU59VLRxRe0fPT33YRIpFVWnCnWP2aV17pHgcQeScdJhS2ziwo2dJye1nMr6w7eTzJyKadDQB0PuxTLfOtcehD06Rrs7_3aEv62qKfPmzKNr2K72y9rsKRDgin6xnYSFVcE48APc9PmE6DH3YEErUmW7ps8NHyQuF3-WNoJDcT&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_lyyH3VxY5ToEN2H9u8PoKWSwAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJAMbvREFyxPuACAKgDAaoE-QFP0CE2KakjfGilvBtAcfmOEKr9qmBC9rf2mj1JSDEXFGgtfXBg9f0d2FskXydJS5pi1mp8g7QMiNCyMhNfjICRqiAQDUq96EiD9m98bn3CYW4khVR2PvweixhT6g63-HGa45RbGqXC9vtaxx_oTq4V7eUIfGLyBRZBPiu5jFG2sQKRGr5MHJPQtKbBfiy9UThfI1UQSYY84aD3pp6giGNeCArx0JXu1AWETyKJRO_pQ_wUmgorbcFvkqo6woXJ0JFi1f07Pr5_ycHJVM-xWdvjp7xsSnne9lrbS6d9XggqYRt5aD-nnm6gaKD52KwvVFirkEO5w46may_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2bwPVMkAdWowXcZKAHb-SLe9t_qw%26client%3Dca-pub-4491659496372172%26adurl%3D

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

81337dc63b2528d3fc0e00698446b27a55c35eb27c3ad0cee0109815a4984ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 22:52:15 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=8JcLBv7IxGoJ1inC5tEyvHUQ6Mh4Okmo9lswOEgskCEmRqPkNqhnah-xtCjETBCSKWelHpKRLQch_dQ9nTLBZnfEPVQKPr1wbd2hgyQL78xqZD__WkBBIhlYJV-CdJpXqjD3enZ6Po82wocUWWhg-KPf27AB-7FOfPGLJUh-O_xZWqJ54QZ69FU0ByArEPRcZIEU5bt8mmdmENkS0MYoFD6-ui4G180bItmX6YA0kQv0B1AmvuwQZicRyauPNIYhby_eKA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 74778723
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 4B05 3 KB
1 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 20:05:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9985
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 20:05:50 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1ACA 1 KB
643 B 45ms
18ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 14:17:40 GMT
etag: 48472445140208031
expires: Mon, 14 Nov 2022 14:17:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 4B05 18 KB
7 KB 23ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:46:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4B05 0
0 39ms
26ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQv07uc10FosSVMST4eYmSM3hmAJdDNlbE3lSNSjeOKnh0KrAS26_f8AZs7gelZJCkit1FsNq9UUswM_-tt5zCva-5AkA
Requested by: Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-39/js/ Frame 4B05 24 KB
7 KB 23ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-39/js/ext.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da46105f4725a67010ca5d8c9024ad7ff521a6186267e2822a551fb4cad0e079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 17:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7370
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Nov 2023 17:14:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B05 154 KB
47 KB 68ms
55ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 22:52:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1EB1 4 KB
621 B 43ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 21:04:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Nov 2022 22:52:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 1EB1 2 KB
765 B 28ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 09:42:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 09:42:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1EB1 0
0 75ms
63ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEK4AH3VxY5boEN2H9u8PoKWSwAzcxbaDaa6_xbemDabgz820EBABINGTwypglYKAgLgHoAGwuqHXA8gBCakCQDG70RBcsT7gAgCoAwHIA8sEqgTpAU_Qo16DFrBPk4e6sOfbyOJdanzokzW1IRo8l11_1HOTEoTTWsqYUXe365wO8ql2x_FKDM8stbTkWUT3RSJDIBwNsoRYq-ngykYoNpF2IYsI4lYPaSwSCEv0NM96x0QuNPWnaMpY3CSsSZP1FRh49V5-7YjSEmpI04kWsy-Q2Ly1TuHTxPi6FfXtIDwipVoUlx0qHfCG7xhkFtBN0qICX86laDpep_Y70sMLfutyYGyfi1a2KAmvqmlCpOQK99aHtcbSBfyTRmjti6h_-lgZ89fo2aYdvJWZnHdu6axANNFCRkLV8XZ9Xww_wATxqf3kogPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHv9m9YKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDukwPSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=EtGkLsw1VAI&uach_m=[UACH]&cid=CAQSPADq26N9sAK5otwGSRVHI6E0BcZPCZpimb6livMl-zB3fKISo7FGc4mdibWUhq0qeSYSwcijnBTTg8qe5RgBIBM&template_id=494
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame 1EB1 23 KB
9 KB 22ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite_fy2021.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d68d67ff212cb063ef0647e22d2b5102c344b7e88e0fb7c882e89c9bfc6c32e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 17:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9405
x-xss-protection: 0
server: cafe
etag: 9394538439156335931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 17:15:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 1EB1 3 KB
1 KB 27ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 20:05:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9985
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 20:05:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 1EB1 18 KB
7 KB 23ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 23:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 23:46:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1EB1 154 KB
47 KB 72ms
61ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 22:52:15 GMT

GET
H2 200 0d3fd3b530a886383bd6b91513e5ed38.js Show response
www.gstatic.com/mysidia/ Frame 1EB1 34 KB
14 KB 56ms
9ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 20:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 20:40:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 Feb 2023 20:20:12 GMT

GET
H2 200 15064600547253909311_4918554488364016110.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 12EC 82 KB
83 KB 52ms
5ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/15064600547253909311_4918554488364016110.jpeg

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a2e21398d24271b851e1c603a471d43d2f7a1dde989c397b059591b04b1d46c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 16:53:16 GMT
x-content-type-options: nosniff
age: 194339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83891
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 08:27:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 16:53:16 GMT

GET
H2 200 6544257731051800051_9186565913604646649.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 12EC 89 KB
89 KB 69ms
22ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/6544257731051800051_9186565913604646649.jpeg

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68eaf8ac60d0942a6bcee0b4538d7d50ebe41bd26e332550d05d8b9d37fa16e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 15:57:39 GMT
x-content-type-options: nosniff
age: 197676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91035
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 08:26:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 15:57:39 GMT

GET
H2 200 15452483416403387477_9146618617033836075.jpeg
static.doubleclick.net/dynamic/5/179058610/ Frame 12EC 71 KB
71 KB 68ms
23ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/179058610/15452483416403387477_9146618617033836075.jpeg

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd4166a69eaa2d6cf37f33cb021cda0767429283b038db80e64e4fdd7adac908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 15:31:18 GMT
x-content-type-options: nosniff
age: 199257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72725
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 08:27:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 15:31:18 GMT

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 12EC
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

23ms
14ms

Image
image/png

2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 16:38:04 GMT
x-content-type-options: nosniff
age: 454451
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Nov 2023 16:38:04 GMT

Redirect headers

date: Sun, 13 Nov 2022 19:03:05 GMT
x-content-type-options: nosniff
server: cafe
age: 13750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 19:03:05 GMT

GET
DATA 200
OK truncated
/ Frame 1EB1 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 1EB1
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

25ms
15ms

Image
image/png

2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 16:38:04 GMT
x-content-type-options: nosniff
age: 454451
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Nov 2023 16:38:04 GMT

Redirect headers

date: Sun, 13 Nov 2022 19:03:05 GMT
x-content-type-options: nosniff
server: cafe
age: 13750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 19:03:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2272 16 KB
16 KB 49ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 298355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 11:59:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2272 15 KB
16 KB 46ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 270600
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 19:42:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BB52 1 KB
643 B 27ms
12ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 14:17:40 GMT
etag: 48472445140208031
expires: Mon, 14 Nov 2022 14:17:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 12EC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 468e8e45cce52e9e9f3ff45e23a4eab3eba28752c5361ac7d65e091f62c8707b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 2272
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

25ms
25ms

Image
text/html

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

date: Sun, 13 Nov 2022 22:52:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 49C5 1 KB
643 B 13ms
11ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 14:17:40 GMT
etag: 48472445140208031
expires: Mon, 14 Nov 2022 14:17:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2272 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/iw.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 21:41:50 GMT
x-content-type-options: nosniff
server: cafe
age: 4225
etag: 415739381108731362
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2712
x-xss-protection: 0
expires: Mon, 14 Nov 2022 21:41:50 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2272 344 B
368 B 9ms
9ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 10:22:22 GMT
x-content-type-options: nosniff
server: cafe
age: 44993
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 14 Nov 2022 10:22:22 GMT

GET
DATA 200
OK truncated
/ Frame 4B05 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3656fa43aa04e3e4854c4b10c9a17d73d9ddff8d9b31d48d34abb9180b574ab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1EB1 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 480d7c049c884365a3cd82abbbefbe047d243d4185c52aae0825b4f541e0f31f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C2B3 2 KB
1 KB 49ms
48ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3F1HwAENBQH_YPdAASSoNboJ_9sDn1pxDhqnw&u=%7C3vrEEgWMN1D0hfkP9qZUembz1nI8k5a0JvEjX540iUs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg1ZRHPrvLN9-iyaovhTne2v1w80ecoBnMoeTA5d0vOoPJ1vrt91mt5f1C5-nRsylZHohtiOByBwJoYFYFDAhSfIIN6F8BTAKPegJbR4T1ElPrYXLQIMcZb2SrVbBukENMSEWMSn0uamxGoScNSLNMN0Mb0UHNjyDoi7jxOnT6R3v5xayUIeMjVeO6SLtABPsyAfzSHVB4aggru7Pp0I-FjaVngiCqrtNqfgs9z4hosMwq8T-tb6l5n0GXR2b-yNsY9ISDzJ1XgJu0bSHZv8ENdJbVd93EKyfysc-3EsHYuWmUs_chQjvGMB1aMHtuZwojVSkdX1UANomwW_rr6xp-uLoAW5WfbqFx7rjgm8nqD0JPzU59VLRxRe0fPT33YRIpFVWnCnWP2aV17pHgcQeScdJhS2ziwo2dJye1nMr6w7eTzJyKadDQB0PuxTLfOtcehD06Rrs7_3aEv62qKfPmzKNr2K72y9rsKRDgin6xnYSFVcE48APc9PmE6DH3YEErUmW7ps8NHyQuF3-WNoJDcT&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_lyyH3VxY5ToEN2H9u8PoKWSwAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJAMbvREFyxPuACAKgDAaoE-QFP0CE2KakjfGilvBtAcfmOEKr9qmBC9rf2mj1JSDEXFGgtfXBg9f0d2FskXydJS5pi1mp8g7QMiNCyMhNfjICRqiAQDUq96EiD9m98bn3CYW4khVR2PvweixhT6g63-HGa45RbGqXC9vtaxx_oTq4V7eUIfGLyBRZBPiu5jFG2sQKRGr5MHJPQtKbBfiy9UThfI1UQSYY84aD3pp6giGNeCArx0JXu1AWETyKJRO_pQ_wUmgorbcFvkqo6woXJ0JFi1f07Pr5_ycHJVM-xWdvjp7xsSnne9lrbS6d9XggqYRt5aD-nnm6gaKD52KwvVFirkEO5w46may_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2bwPVMkAdWowXcZKAHb-SLe9t_qw%26client%3Dca-pub-4491659496372172%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:52:16 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame C2B3 2 KB
1 KB 25ms
24ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:52:16 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C2B3 308 B
636 B 19ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:16 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 08 Nov 2023 22:52:16 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame C2B3 293 B
621 B 21ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:16 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 08 Nov 2023 22:52:16 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame C2B3 43 B
347 B 21ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Tb4bxgJ6N5xdH3oldp0yrA2cxHUpWfPm5AFT3tg6ejHoZVGdf_6VAQL9jOaRtu85dxvhV4_xuT7sw2yH2dM-rmn5mOPPYv4oqHZYUMZazVtTLCfDNq7oJKudviiocMMTaPSasnvfGxfvS8YbENYJoPdi9X7WLGnsNxgqy3Vm0_mzWi5stn5wYgQb1mF-vB4AwX39xDGE0P-iU5bKxbgaasUGZ17XsFYJs8ZH5Wrg7tQcK30jSE6873XaEDHrZ1deuJcjIyrOtDn0FmM3XYuHmddoma7M0SJ71VUJpkAhK2Hmk2ACSMzO24V_jF_pcq-EqdguTmUeF0dP9V30UxQ8zUaiLCrpszjljYsr7w2iFCEE7Wg2WNCJbGFZWqzLUEuDxQx5O37OGcnuAkuzLcBcT9ebucLGDWfbZAgOqAtdHjJSwcu8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3179623
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame C2B3 44 B
752 B 107ms
104ms Image
image/gif 2600:9000:223c:5800:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1668379935
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3F1HwAENBQH_YPdAASSoNboJ_9sDn1pxDhqnw&u=%7C3vrEEgWMN1D0hfkP9qZUembz1nI8k5a0JvEjX540iUs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNI4lIsnTDgg1ZRHPrvLN9-iyaovhTne2v1w80ecoBnMoeTA5d0vOoPJ1vrt91mt5f1C5-nRsylZHohtiOByBwJoYFYFDAhSfIIN6F8BTAKPegJbR4T1ElPrYXLQIMcZb2SrVbBukENMSEWMSn0uamxGoScNSLNMN0Mb0UHNjyDoi7jxOnT6R3v5xayUIeMjVeO6SLtABPsyAfzSHVB4aggru7Pp0I-FjaVngiCqrtNqfgs9z4hosMwq8T-tb6l5n0GXR2b-yNsY9ISDzJ1XgJu0bSHZv8ENdJbVd93EKyfysc-3EsHYuWmUs_chQjvGMB1aMHtuZwojVSkdX1UANomwW_rr6xp-uLoAW5WfbqFx7rjgm8nqD0JPzU59VLRxRe0fPT33YRIpFVWnCnWP2aV17pHgcQeScdJhS2ziwo2dJye1nMr6w7eTzJyKadDQB0PuxTLfOtcehD06Rrs7_3aEv62qKfPmzKNr2K72y9rsKRDgin6xnYSFVcE48APc9PmE6DH3YEErUmW7ps8NHyQuF3-WNoJDcT&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_lyyH3VxY5ToEN2H9u8PoKWSwAzJntKxXI3w4taTAcCNtwEQASAAYJWCgIC4B4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyyAEJqQJAMbvREFyxPuACAKgDAaoE-QFP0CE2KakjfGilvBtAcfmOEKr9qmBC9rf2mj1JSDEXFGgtfXBg9f0d2FskXydJS5pi1mp8g7QMiNCyMhNfjICRqiAQDUq96EiD9m98bn3CYW4khVR2PvweixhT6g63-HGa45RbGqXC9vtaxx_oTq4V7eUIfGLyBRZBPiu5jFG2sQKRGr5MHJPQtKbBfiy9UThfI1UQSYY84aD3pp6giGNeCArx0JXu1AWETyKJRO_pQ_wUmgorbcFvkqo6woXJ0JFi1f07Pr5_ycHJVM-xWdvjp7xsSnne9lrbS6d9XggqYRt5aD-nnm6gaKD52KwvVFirkEO5w46may_gBAGABsfNz5jfnu2p-QGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2bwPVMkAdWowXcZKAHb-SLe9t_qw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:16 GMT
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: 5n5lWAnD7JvBTflyRIytsVPbUcQyzZPmmtvLuarWcFVZ1y4paRXCBg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ACA
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UHAyWG9uQ2ExT1VsUE41&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cver=1&google_push=ASkJ3FaNOr__zAS314CjMFOTbjDHp4VLIbmhinoX_Qkof9j...

170 B
188 B

22ms
20ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UHAyWG9uQ2ExT1VsUE41&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cver=1&google_push=ASkJ3FaNOr__zAS314CjMFOTbjDHp4VLIbmhinoX_Qkof9jwYPCu4o3oOd6p8u1KFVZURY1q0I9XJXx-z4SmZYNchZOQ1IwHqYzo

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:15 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0365872a60f729e92@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UHAyWG9uQ2ExT1VsUE41&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cver=1&google_push=ASkJ3FaNOr__zAS314CjMFOTbjDHp4VLIbmhinoX_Qkof9jwYPCu4o3oOd6p8u1KFVZURY1q0I9XJXx-z4SmZYNchZOQ1IwHqYzo
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ACA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELzFbXX36w9e9XDvtyntylw&google_cver=1&google_push=ASkJ3FYfXbdeEtV9cAQvnScgt2vwiFDhN7JQwzqPT8XUeVNljqw4Rowomt2o6JrU4zN4j2pcILetk4Ntw0LnOlMk...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=X1hjcXUfRwCwcbc3bn-Krg&google_push=ASkJ3FYfXbdeEtV9cAQvnScgt2vwiFDhN7JQwzqPT8XUeVNljqw4Rowomt2o6JrU4zN4j2pcILetk4Ntw0LnOlMkO3rUgHH0...

170 B
188 B

26ms
24ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=X1hjcXUfRwCwcbc3bn-Krg&google_push=ASkJ3FYfXbdeEtV9cAQvnScgt2vwiFDhN7JQwzqPT8XUeVNljqw4Rowomt2o6JrU4zN4j2pcILetk4Ntw0LnOlMkO3rUgHH0B7vF

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 13 Nov 2022 22:52:16 GMT
Server: MT3 4629 97bee97 master zrh-pixel-x12 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=X1hjcXUfRwCwcbc3bn-Krg&google_push=ASkJ3FYfXbdeEtV9cAQvnScgt2vwiFDhN7JQwzqPT8XUeVNljqw4Rowomt2o6JrU4zN4j2pcILetk4Ntw0LnOlMkO3rUgHH0B7vF
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 13 Nov 2022 22:52:15 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ACA
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGrOe2KLv5-FCAuOn6tyA8A&google_cver=1&google_push=ASkJ3FZEGnzitqMsPxaD6xs-HAxwmRHSJYWEIMN4cN1t2hkUNeWCaP5NRNqMYFQVsMQRLSzXj--xW62haXkH0U-5pYdd1NrCR0k
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B88845C29BB4067A8FE0B6B3053AA53&google_push=ASkJ3FZEGnzitqMsPxaD6xs-HAxwmRHSJYWEIMN4cN1t2hkUNeWCaP5NRNqMYFQVsMQRLSzXj--xW62haXkH0U-...

170 B
188 B

20ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B88845C29BB4067A8FE0B6B3053AA53&google_push=ASkJ3FZEGnzitqMsPxaD6xs-HAxwmRHSJYWEIMN4cN1t2hkUNeWCaP5NRNqMYFQVsMQRLSzXj--xW62haXkH0U-5pYdd1NrCR0k

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 13 Nov 2022 22:52:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B88845C29BB4067A8FE0B6B3053AA53&google_push=ASkJ3FZEGnzitqMsPxaD6xs-HAxwmRHSJYWEIMN4cN1t2hkUNeWCaP5NRNqMYFQVsMQRLSzXj--xW62haXkH0U-5pYdd1NrCR0k
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 12 Nov 2022 22:52:16 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 1ACA 70 B
264 B 41ms
35ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMsXX5sAchFnlW20GXwC4BA&google_cver=1&google_push=ASkJ3FY8ASUqcL6shb4kSDkEcNS6oJdBpC4Q4L2dDUnooV06auxN7F7bSJIp7TCpStsr1Km42D5Eel3W8u9VgpXEDtAgM3IK7TY
Requested by: Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ACA
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECVjAJ7-fSuEtr4aq0XFYMo&google_cver=1&google_push=ASkJ3FahP7OCbJigbWY0gMX5rISX1fYM99TKXzmaOT5hndJgENl43AItygTPg7ltZ1tbXGWrCQ_J6keFWpMSFD...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NTYzNzI2MjQyNTU4NTgwOA%3D%3D&google_push=ASkJ3FahP7OCbJigbWY0gMX5rISX1fYM99TKXzmaOT5hndJgENl43AItygTPg7ltZ1tbXGWrCQ_J6keFWpMSFDJr_6...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NTYzNzI2MjQyNTU4NTgwOA%3D%3D&google_push=ASkJ3FahP7OCbJigbWY0gMX5rISX1fYM99TKXzmaOT5hndJgENl43AItygTPg7ltZ1tbXGWrCQ_J6keFWpMSFDJr_6Bg81gleiyv

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NTYzNzI2MjQyNTU4NTgwOA%3D%3D&google_push=ASkJ3FahP7OCbJigbWY0gMX5rISX1fYM99TKXzmaOT5hndJgENl43AItygTPg7ltZ1tbXGWrCQ_J6keFWpMSFDJr_6Bg81gleiyv
Date: Sun, 13 Nov 2022 22:52:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ACA
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESECzRnN0RgSdVhD6lAfz4V6I&google_cver=1&google_push=ASkJ3FZ2r9oExEUkEq3UPdR1KZKFi50IKNIZBuhD7iiRsy-mt5lZsS6a3LTuj_TbSfq4lpjaw-GSC7l2IFDDsXWl...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=O9z-SUuvQcGJVNggll23Ww2&google_push=ASkJ3FZ2r9oExEUkEq3UPdR1KZKFi50IKNIZBuhD7iiRsy-mt5lZsS6a3LTuj_TbSfq4lpjaw-GSC7l2IFDDsXWll7Y-0atVvxE

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=O9z-SUuvQcGJVNggll23Ww2&google_push=ASkJ3FZ2r9oExEUkEq3UPdR1KZKFi50IKNIZBuhD7iiRsy-mt5lZsS6a3LTuj_TbSfq4lpjaw-GSC7l2IFDDsXWll7Y-0atVvxE

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 13 Nov 2022 22:52:16 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=O9z-SUuvQcGJVNggll23Ww2&google_push=ASkJ3FZ2r9oExEUkEq3UPdR1KZKFi50IKNIZBuhD7iiRsy-mt5lZsS6a3LTuj_TbSfq4lpjaw-GSC7l2IFDDsXWll7Y-0atVvxE
x-host: tde-deliveryengine-production-68f76484d6-6j5bv
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1ACA
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECsch3FSuF6ONTbVNKOWMSg&google_cver=1&google_push=ASkJ3FbbHVvwgOjb6lzBP8C_HJX1X6qwK8uCRT7mtmAJxixtsyriSPECf12rwDjuR0z6tOIPTpbIQtHX...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA3OTIzMDA5MTM1MTM3ODUyMA&google_push=ASkJ3FbbHVvwgOjb6lzBP8C_HJX1X6qwK8uCRT7mtmAJxixtsyriSPECf12rwDjuR0z6tOIPTpbIQt...

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA3OTIzMDA5MTM1MTM3ODUyMA&google_push=ASkJ3FbbHVvwgOjb6lzBP8C_HJX1X6qwK8uCRT7mtmAJxixtsyriSPECf12rwDjuR0z6tOIPTpbIQtHXMd-fovKpXchyaBcYGgh9

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA3OTIzMDA5MTM1MTM3ODUyMA&google_push=ASkJ3FbbHVvwgOjb6lzBP8C_HJX1X6qwK8uCRT7mtmAJxixtsyriSPECf12rwDjuR0z6tOIPTpbIQtHXMd-fovKpXchyaBcYGgh9
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1ACA 0
12 B 21ms
17ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JfymE69c9OP5LnzrPjOQ6xVZKi2K0HjSJdhm6EB-JwDkGjAS3zq3uRl4Kea0JV3Q_8N8gY

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB52
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGrOe2KLv5-FCAuOn6tyA8A&google_cver=1&google_push=ASkJ3Fb5gzBkdQms0AwUPKm375eU5zAQB04fexrglPmjreSZrh4RdJkMxo2hjVwIUUlT5FUkoIgozpQ-ErmW1_6GLXFTqBnA1VBm
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B88845C29BB4067A8FE0B6B3053AA53&google_push=ASkJ3Fb5gzBkdQms0AwUPKm375eU5zAQB04fexrglPmjreSZrh4RdJkMxo2hjVwIUUlT5FUkoIgozpQ-ErmW1_6...

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B88845C29BB4067A8FE0B6B3053AA53&google_push=ASkJ3Fb5gzBkdQms0AwUPKm375eU5zAQB04fexrglPmjreSZrh4RdJkMxo2hjVwIUUlT5FUkoIgozpQ-ErmW1_6GLXFTqBnA1VBm

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 13 Nov 2022 22:52:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B88845C29BB4067A8FE0B6B3053AA53&google_push=ASkJ3Fb5gzBkdQms0AwUPKm375eU5zAQB04fexrglPmjreSZrh4RdJkMxo2hjVwIUUlT5FUkoIgozpQ-ErmW1_6GLXFTqBnA1VBm
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 12 Nov 2022 22:52:16 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame BB52 70 B
264 B 40ms
34ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMsXX5sAchFnlW20GXwC4BA&google_cver=1&google_push=ASkJ3FZmFeRQk1NLD--_0JLLnri8MkanuSQ5fsZwRzqtzzdKFDpP_jvyK7hTITu42WgoZCUfM0uoN3mHvDmcTsO89V08hKdEy11xrA
Requested by: Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB52
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECVjAJ7-fSuEtr4aq0XFYMo&google_cver=1&google_push=ASkJ3FYpJyRxAyEp2UbS6eyiSe24Jzb5llVyz066xGv9v49sQGmMC4hzHD3Myf_HpmhAG3EPCZi-Ivl0ykyamD...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NTYzNzI2MjQyNTU4NTgwOA%3D%3D&google_push=ASkJ3FYpJyRxAyEp2UbS6eyiSe24Jzb5llVyz066xGv9v49sQGmMC4hzHD3Myf_HpmhAG3EPCZi-Ivl0ykyamDgIFQ...

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NTYzNzI2MjQyNTU4NTgwOA%3D%3D&google_push=ASkJ3FYpJyRxAyEp2UbS6eyiSe24Jzb5llVyz066xGv9v49sQGmMC4hzHD3Myf_HpmhAG3EPCZi-Ivl0ykyamDgIFQ5X72zgBIm8DA

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NTYzNzI2MjQyNTU4NTgwOA%3D%3D&google_push=ASkJ3FYpJyRxAyEp2UbS6eyiSe24Jzb5llVyz066xGv9v49sQGmMC4hzHD3Myf_HpmhAG3EPCZi-Ivl0ykyamDgIFQ5X72zgBIm8DA
Date: Sun, 13 Nov 2022 22:52:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB52
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESECzRnN0RgSdVhD6lAfz4V6I&google_cver=1&google_push=ASkJ3Fanr9eFeNx4B9E9xs4IpYM3inbcCFzrsR9MhRAbNemAy6z9dzABrXZ1kdOx_O2bdkiminPbwpdXM-EGBXB6...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=O9z-SUuvQcGJVNggll23Ww2&google_push=ASkJ3Fanr9eFeNx4B9E9xs4IpYM3inbcCFzrsR9MhRAbNemAy6z9dzABrXZ1kdOx_O2bdkiminPbwpdXM-EGBXB6_SBmwYWOoFLP

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=O9z-SUuvQcGJVNggll23Ww2&google_push=ASkJ3Fanr9eFeNx4B9E9xs4IpYM3inbcCFzrsR9MhRAbNemAy6z9dzABrXZ1kdOx_O2bdkiminPbwpdXM-EGBXB6_SBmwYWOoFLP

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 13 Nov 2022 22:52:16 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=O9z-SUuvQcGJVNggll23Ww2&google_push=ASkJ3Fanr9eFeNx4B9E9xs4IpYM3inbcCFzrsR9MhRAbNemAy6z9dzABrXZ1kdOx_O2bdkiminPbwpdXM-EGBXB6_SBmwYWOoFLP
x-host: tde-deliveryengine-production-68f76484d6-dn4lt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB52
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELzKtMe2jTJAXTUo5Bz6z9I&google_cver=1&google_push=ASkJ3FYiwg-XTn8XF3U7hsGGUBNU8PXuUctht0aNj-loezTBxx_gMxvtHY1vsPX7W6DHcDcckW_ideuRX5O-TksRwWhn...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELzKtMe2jTJAXTUo5Bz6z9I&google_cver=1&google_push=ASkJ3FYiwg-XTn8XF3U7hsGGUBNU8PXuUctht0aNj-loezTBxx_gMxvtHY1vsPX7W6DHcDcckW_ideuRX5O-Tk...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYiwg-XTn8XF3U7hsGGUBNU8PXuUctht0aNj-loezTBxx_gMxvtHY1vsPX7W6DHcDcckW_ideuRX5O-TksRwWhnzb4uAzr6hg&google_hm=A82S1kCfSYGxkWpqUpGxjw==

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYiwg-XTn8XF3U7hsGGUBNU8PXuUctht0aNj-loezTBxx_gMxvtHY1vsPX7W6DHcDcckW_ideuRX5O-TksRwWhnzb4uAzr6hg&google_hm=A82S1kCfSYGxkWpqUpGxjw==

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FYiwg-XTn8XF3U7hsGGUBNU8PXuUctht0aNj-loezTBxx_gMxvtHY1vsPX7W6DHcDcckW_ideuRX5O-TksRwWhnzb4uAzr6hg&google_hm=A82S1kCfSYGxkWpqUpGxjw==
Date: Sun, 13 Nov 2022 22:52:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB52
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMJ_ejcel56pnAEILohIfNU&google_cver=1&google_push=ASkJ3FYi0ewJcNyN2OdYt9jHZJsE56DEDET0WfwhkEWHiM92VEgM9e7UVKgRb8b7jlJaCS9vmiE-njQdd8ToN8S1d4r2Kdw...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYi0ewJcNyN2OdYt9jHZJsE56DEDET0WfwhkEWHiM92VEgM9e7UVKgRb8b7jlJaCS9vmiE-njQdd8ToN8S1d4r2Kdwo2UA_Iw&google_hm=NjczODMwMDA5MDIzMzAz...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYi0ewJcNyN2OdYt9jHZJsE56DEDET0WfwhkEWHiM92VEgM9e7UVKgRb8b7jlJaCS9vmiE-njQdd8ToN8S1d4r2Kdwo2UA_Iw&google_hm=NjczODMwMDA5MDIzMzAzNTczMA%3D%3D

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 13 Nov 2022 22:52:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FYi0ewJcNyN2OdYt9jHZJsE56DEDET0WfwhkEWHiM92VEgM9e7UVKgRb8b7jlJaCS9vmiE-njQdd8ToN8S1d4r2Kdwo2UA_Iw&google_hm=NjczODMwMDA5MDIzMzAzNTczMA%3D%3D
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB52
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECsch3FSuF6ONTbVNKOWMSg&google_cver=1&google_push=ASkJ3Fb0uTMHdYfKsvyfdjN8QUwNDO-AG0QMUez3K9XfXYnk2eJSE8eBpvCJYSgugurfR1VdR8HYExOt...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA3OTIzMDA5MTM1MTM3ODUyMA&google_push=ASkJ3Fb0uTMHdYfKsvyfdjN8QUwNDO-AG0QMUez3K9XfXYnk2eJSE8eBpvCJYSgugurfR1VdR8HYEx...

170 B
188 B

21ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA3OTIzMDA5MTM1MTM3ODUyMA&google_push=ASkJ3Fb0uTMHdYfKsvyfdjN8QUwNDO-AG0QMUez3K9XfXYnk2eJSE8eBpvCJYSgugurfR1VdR8HYExOtV7tt52vrT1PkAzEbbLa7iw

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA3OTIzMDA5MTM1MTM3ODUyMA&google_push=ASkJ3Fb0uTMHdYfKsvyfdjN8QUwNDO-AG0QMUez3K9XfXYnk2eJSE8eBpvCJYSgugurfR1VdR8HYExOtV7tt52vrT1PkAzEbbLa7iw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BB52 0
12 B 20ms
15ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KSYknBDMY8y6XK0HyrX5kjDrWuqUuK1xWodgpqbqSnlOR0OO9ROQnKQr6g9d2dLrvuX1-b

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 12EC 20 KB
20 KB 31ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 434368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:12:48 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 12EC 21 KB
21 KB 33ms
12ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:44:22 GMT
x-content-type-options: nosniff
age: 205674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 13:44:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 49C5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UHAyWG9uQ2ExT1VsUE41&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cver=1&google_push=ASkJ3Fbeke7XfeN6F4PumBMeyrj5D7UY7a6PLvZcZGX7QY7...

170 B
188 B

21ms
20ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UHAyWG9uQ2ExT1VsUE41&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cver=1&google_push=ASkJ3Fbeke7XfeN6F4PumBMeyrj5D7UY7a6PLvZcZGX7QY7uS_0Koi_Z6ZdiE4s2OZl0kmllM1f6LMaHnD8Mke-GHsuL8GbgEaw

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:15 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0365872a60f729e92@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UHAyWG9uQ2ExT1VsUE41&google_gid=CAESEPYIXu9_-Ard5FHUxEeQwS0&google_cver=1&google_push=ASkJ3Fbeke7XfeN6F4PumBMeyrj5D7UY7a6PLvZcZGX7QY7uS_0Koi_Z6ZdiE4s2OZl0kmllM1f6LMaHnD8Mke-GHsuL8GbgEaw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 49C5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELzFbXX36w9e9XDvtyntylw&google_cver=1&google_push=ASkJ3FYkWQ9TiRCZZHPHbbBWd5UUaQDcj_w2XS-31D5IibStRgJG-aTtDfOjLLtHy0du79r6iYWm-gY6pWR8WQ9v...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=X1hjcXUfRwCwcbc3bn-Krg&google_push=ASkJ3FYkWQ9TiRCZZHPHbbBWd5UUaQDcj_w2XS-31D5IibStRgJG-aTtDfOjLLtHy0du79r6iYWm-gY6pWR8WQ9vTlSiwtJR...

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=X1hjcXUfRwCwcbc3bn-Krg&google_push=ASkJ3FYkWQ9TiRCZZHPHbbBWd5UUaQDcj_w2XS-31D5IibStRgJG-aTtDfOjLLtHy0du79r6iYWm-gY6pWR8WQ9vTlSiwtJRCihZ

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 13 Nov 2022 22:52:16 GMT
Server: MT3 4629 97bee97 master zrh-pixel-x15 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=X1hjcXUfRwCwcbc3bn-Krg&google_push=ASkJ3FYkWQ9TiRCZZHPHbbBWd5UUaQDcj_w2XS-31D5IibStRgJG-aTtDfOjLLtHy0du79r6iYWm-gY6pWR8WQ9vTlSiwtJRCihZ
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 13 Nov 2022 22:52:15 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 49C5 70 B
264 B 39ms
36ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMsXX5sAchFnlW20GXwC4BA&google_cver=1&google_push=ASkJ3FaWvtdZ1Vekk8Yg8h1zzn9e6sliC641OoALI8ck9oZHCQ2p80pe9fIQ1WUWnB0HJneb5r4kgvmcTH97PyJeT9ZqReCdJtAF
Requested by: Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 49C5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECVjAJ7-fSuEtr4aq0XFYMo&google_cver=1&google_push=ASkJ3FZcb5LWQQqZATsdm-ehiUpFvM7NU3WWijg17Ewe7_AE-P1f90DHWUUB74k-Fa6W_B-JXN2dBe5cTIjpzx...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NTYzNzI2MjQyNTU4NTgwOA%3D%3D&google_push=ASkJ3FZcb5LWQQqZATsdm-ehiUpFvM7NU3WWijg17Ewe7_AE-P1f90DHWUUB74k-Fa6W_B-JXN2dBe5cTIjpzxzBPr...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NTYzNzI2MjQyNTU4NTgwOA%3D%3D&google_push=ASkJ3FZcb5LWQQqZATsdm-ehiUpFvM7NU3WWijg17Ewe7_AE-P1f90DHWUUB74k-Fa6W_B-JXN2dBe5cTIjpzxzBPrzZr_rEr-M

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE2NTYzNzI2MjQyNTU4NTgwOA%3D%3D&google_push=ASkJ3FZcb5LWQQqZATsdm-ehiUpFvM7NU3WWijg17Ewe7_AE-P1f90DHWUUB74k-Fa6W_B-JXN2dBe5cTIjpzxzBPrzZr_rEr-M
Date: Sun, 13 Nov 2022 22:52:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 49C5
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESECzRnN0RgSdVhD6lAfz4V6I&google_cver=1&google_push=ASkJ3FaJ0vWgOh_ejtKQSqTylHiow7r0Yd1RG9dCVzSM9tgpxN2HxA17vNRrU-FZO0lF4xXaX65-KFCc9FXiQnmB...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=O9z-SUuvQcGJVNggll23Ww2&google_push=ASkJ3FaJ0vWgOh_ejtKQSqTylHiow7r0Yd1RG9dCVzSM9tgpxN2HxA17vNRrU-FZO0lF4xXaX65-KFCc9FXiQnmBIAg2G94r3IPI

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=O9z-SUuvQcGJVNggll23Ww2&google_push=ASkJ3FaJ0vWgOh_ejtKQSqTylHiow7r0Yd1RG9dCVzSM9tgpxN2HxA17vNRrU-FZO0lF4xXaX65-KFCc9FXiQnmBIAg2G94r3IPI

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 13 Nov 2022 22:52:16 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=O9z-SUuvQcGJVNggll23Ww2&google_push=ASkJ3FaJ0vWgOh_ejtKQSqTylHiow7r0Yd1RG9dCVzSM9tgpxN2HxA17vNRrU-FZO0lF4xXaX65-KFCc9FXiQnmBIAg2G94r3IPI
x-host: tde-deliveryengine-production-68f76484d6-dn4lt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 49C5
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELzKtMe2jTJAXTUo5Bz6z9I&google_cver=1&google_push=ASkJ3FaMc-7a21WmPzXrnlB76kO5CKeiYWatQV2IYraOCz4CWIL4aK_HKnEGWvnnDZ3BedjEag9oCp5efplaUsbLf2rR...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaMc-7a21WmPzXrnlB76kO5CKeiYWatQV2IYraOCz4CWIL4aK_HKnEGWvnnDZ3BedjEag9oCp5efplaUsbLf2rRZtbXtnw&google_hm=

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaMc-7a21WmPzXrnlB76kO5CKeiYWatQV2IYraOCz4CWIL4aK_HKnEGWvnnDZ3BedjEag9oCp5efplaUsbLf2rRZtbXtnw&google_hm=

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ASkJ3FaMc-7a21WmPzXrnlB76kO5CKeiYWatQV2IYraOCz4CWIL4aK_HKnEGWvnnDZ3BedjEag9oCp5efplaUsbLf2rRZtbXtnw&google_hm=
Date: Sun, 13 Nov 2022 22:52:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 49C5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMJ_ejcel56pnAEILohIfNU&google_cver=1&google_push=ASkJ3FZp9ad0cz9FbiyIdtVXBgxwGvKiV9_c4s95V87r9bGOvJH4a6i7-fW4ix_h0JprlXgBEb24Khj_nC_HWwy7XL7rhNc...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZp9ad0cz9FbiyIdtVXBgxwGvKiV9_c4s95V87r9bGOvJH4a6i7-fW4ix_h0JprlXgBEb24Khj_nC_HWwy7XL7rhNcptJg&google_hm=NjczODMwMDA5MDIzMzAzNTc...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZp9ad0cz9FbiyIdtVXBgxwGvKiV9_c4s95V87r9bGOvJH4a6i7-fW4ix_h0JprlXgBEb24Khj_nC_HWwy7XL7rhNcptJg&google_hm=NjczODMwMDA5MDIzMzAzNTczMA%3D%3D

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 13 Nov 2022 22:52:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FZp9ad0cz9FbiyIdtVXBgxwGvKiV9_c4s95V87r9bGOvJH4a6i7-fW4ix_h0JprlXgBEb24Khj_nC_HWwy7XL7rhNcptJg&google_hm=NjczODMwMDA5MDIzMzAzNTczMA%3D%3D
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 49C5 0
12 B 20ms
18ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I70Irsd5XrxAp-OL5-vX6z99-Ta-QYE0gVJTrLcLWL-FRRZKGEzrXnkz3t0m7t6yC6wBzc

Requested by

Host: 9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
URL: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C2B3 12 KB
6 KB 17ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:52:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C2B3 2 KB
2 KB 17ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d530eb650281c426cb8d0c8d602cffe1a63b732b9b4d93e33aaf0340896e3024

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=54407
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1902
expires: Mon, 14 Nov 2022 13:59:03 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C2B3 2 KB
2 KB 17ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=432777
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1584
expires: Fri, 18 Nov 2022 23:05:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C2B3 25 KB
25 KB 20ms
19ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=596&s=Y68RrOBJBgfoItKZxNi7YWKx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

0b13f84a6dde5e31b8a9e05852d609f5aa9d41b1b86c26d2d4f773b7dca0a675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30883145
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25396
expires: Mon, 06 Nov 2023 09:31:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C2B3 824 B
1 KB 21ms
21ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2Flogoforsa-GmbH-106079DE.gif%3Feb%3D1&v=3&w=400&s=SWE6M4UNbOZ85LqWAXorsR09&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

99db7c45413b65d885b0ed8ee9b5adcb77066510eeb758cf53c6fdd1f07c0eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2455971
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 824
expires: Mon, 12 Dec 2022 09:05:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C2B3 2 KB
2 KB 21ms
21ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoExyte-Management-GmbH-213960DE.gif%3Feb%3D1&v=3&w=400&s=wc_qkiw2xZropug7jkn2H9uR&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

23dcf4c89871124e658e9ceb0069b07ea56ac09cfb416f898846c9f561546b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2030
expires: Sun, 13 Nov 2022 22:52:16 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C2B3 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=8JcLBv7IxGoJ1inC5tEyvHUQ6Mh4Okmo9lswOEgskCEmRqPkNqhnah-xtCjETBCSKWelHpKRLQch_dQ9nTLBZnfEPVQKPr1wbd2hgyQL78xqZD__WkBBIhlYJV-CdJpXqjD3enZ6Po82wocUWWhg-KPf27AB-7FOfPGLJUh-O_xZWqJ54QZ69FU0ByArEPRcZIEU5bt8mmdmENkS0MYoFD6-ui4G180bItmX6YA0kQv0B1AmvuwQZicRyauPNIYhby_eKA&sds=2&rev=83376.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 22:52:15 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C2B3 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:52:16 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C2B3 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 08 Nov 2023 22:52:16 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1EB1 16 KB
16 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 298356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 11:59:40 GMT

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7DA9 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 20:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 20:32:31 GMT

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7BD8 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 20:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 20:32:31 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 51 KB
16 KB 334ms
334ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=9&rand=50449&key=NANOWDGT01&widgetJSId=AR_25&va=true&et=true&format=html&t=ODY3NzQxODZlYjcxNzk4MzY2N2M3YmZhYjMyMjdkZGY=&adblck=false&abwl=false&px=0&py=2452&vpd=1252&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&em=1&settings=true&recs=true&version=2000941&sig=8oBnIw85&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4dc29df82cfec79f07e4e8dad3b0de02c95a9bf25e51a6671a0823bbaf9a3fec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 13 Nov 2022 22:52:16 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1668379936.253132,VS0,VE327
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21933-LGA, cache-fra-eddf8230040-FRA
x-traceid: c4d072a30129bcb80cd19939bb01d5fe
accept-ranges: bytes
content-length: 16174
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 45ms
28ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96b87e2837305ced35551879fdadb78a0dc75c3c7cf033f01ae6daf12345dfca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11118
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 533ms
532ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110801.js?cb=31070836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 13 Nov 2022 22:52:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3BAF 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpiEUomJuKNOHDEnbAWggA_Y-yuDC_OTdZiGe9CYBjQmEsB4dBVTSyHZs9usxohTvE7EwA2ht2P5d4y2wiTkegIzg&sig=Cg0ArKJSzGl76LYlJN64EAE&cid=CAASF-RoI6HO6YZcYy082e4es5KYLZiLsEdm&id=lidar2&mcvt=1009&p=20,315,270,1285&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=885339185&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668379935135&rpt=227&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ADA0 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssURDNu7IsZzOn1c456nu1WOLYGCGR3r07e0TVQ6U4c8XlznnPf9L7KBFhcPboqjTkeS2Mh0DugtOiU0ZV2l5R5A3g&sig=Cg0ArKJSzOzkhzGX9M0_EAE&cid=CAASF-RoQDdG_-25sOSPr73I1iHJ0IE6vd2I&id=lidar2&mcvt=1000&p=1035,199,1235,499&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.82&if=1&vu=1&app=0&itpl=20&adk=2822717126&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668379935139&rpt=255&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 86 KB
22 KB 1070ms
1070ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=AR_25&key=NANOWDGT01&version=2000941&apv=true&sig=8oBnIw85&format=html&rand=80534&em=1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ODY3NzQxODZlYjcxNzk4MzY2N2M3YmZhYjMyMjdkZGY=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=9&lastIdx=9&lastCardIdx=0&fAB=no_abtest&dpr=1&cw=1600&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000941/module/streamFeed.js?e=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f3016c1c2c18b45d46f9fea7adb609309c3842cc27a81b3c8a15f06e41958bcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 13 Nov 2022 22:52:17 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1668379937.597182,VS0,VE1061
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21920-LGA, cache-fra-eddf8230040-FRA
x-traceid: 74963e11e6cf281660655d499ceea392
accept-ranges: bytes
content-length: 21712
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4385 0
127 B 13ms
12ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 22:52:16 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 21F2 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 13 Nov 2022 22:52:16 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7041 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6909
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 20:57:07 GMT
expires: Mon, 13 Nov 2023 20:57:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 873F 783 B
536 B 19ms
19ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3550d95af51fa6f51717bb4ff67daf2cc86becbfdef768c693864945d3ba6d22

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-94p1toXWKNWfA0AnzPQy-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-94p1toXWKNWfA0AnzPQy-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 22:52:16 GMT
expires: Sun, 13 Nov 2022 22:52:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 873F 0
0 42ms
42ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110801&jk=1973268937009361&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7041 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 20:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 20:32:31 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7041 0
11 B 7ms
7ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ylzf1Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 12EC 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstO2OP9Q9pWadrJfqyHaPDt73eH7Zo9wcP-lQn5nR-Su-tb_me8Jvht8FosCHamBAx1e9xCeudnj-p1nEI_2JYC-_B3YIN3XQcTWvAzvZcqqobv7R2qs6wbkqzLYmkAI4RVrNThVGLMTWiqH_9ZKEIGbIDyzVqREN2N&sai=AMfl-YQtBD-kUE9qfMadwpTxjq3k7PjLZ8dgCDto-HB23hSu_t1HE28fyBj6qFVCG3sg7HzJFvxyll_rSQiuLP2ru0S-nLVD-yz8xl8W0J2vOJhZczTUmov5nX392kYTC8k&sig=Cg0ArKJSzETj5TDwjUOXEAE&cid=CAQSPADq26N9sAK5otwGSRVHI6E0BcZPCZpimb6livMl-zB3fKISo7FGc4mdibWUhq0qeSYSwcijnBTTg8qe5RgBIBM&id=lidar2&mcvt=1000&p=451,1439,1051,1599&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2273020712&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668379935719&rpt=479&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9783329cf58adafa23dc352f2653d264.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame C92F 0
128 B 28ms
19ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:16 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110801&jk=1973268937009361&bg=!MDOlM3fNAAbvMpMzzzI7ACkAdvg8WnQCIkcLewwoCkMATwiZf_fCUfDW6NhXjSs_wORux0u6g2CspQIAAABXUgAAAANoAQcKADqQJrwTx7dp1eTH5nTxYMcINamk2kIjQvnV_dTi8N9guMA-4EoTOrf5eWxY-3Dr5vzujkZBL5sT7NObmQKf6GCLSWkIqdMNEtgoZsXWA5THNhOKJuGmGSN2PJ3m3RU2Gg9aH_WqT_MeSEsTteXmsOrto4f0LqnKOM3aJZZR3X_q5Xp5TwMSKi6B4jVdYiykbpkyJ13YgrWL2vEJLqgfwqaPcbpdsk1YaY2us1GmHBSmupYwC4lB69N75W7X27hMzZqeFSyoz6EwcDO6Wsep-2g704HOzsRCsukuAxiSz-UdnHw-lGpQcDt7h25DX3_9Bc3D5EB0LYdVSB7vIunsuq7qS8X0cgRkdQGr--L7qa-zwU625d_r1qkWGS0rcfhvxr3csNogxp4ya-aAXvpVvMuolrE4OGNviuNBaP_gNhQmg7OA0B-iYFhsSS-I9iHsbIGCXfzY00IcH1XgF6EYMYbl5Unu8Hp9j9qPq6c1j2N3T7F3CLhqTQwAvNNPFYQdtrFOCbFT2NaudfSGQ8QDQh9ttGlufqIsSMPU10vjhBVevCROwZs7eaBvYRL9bVduzI-RbGqOmjW6AKDmKlzkxix0t_u8VD1nOyfnc3PuhLT39QvNA8ndfxxQFayb_FvvxdGPtbZ1bOYfjzYdnXvX_-KAGvI-4o1sxqofNBo6iCndUrc41wpe5EC730KWsBWvqKw1nB7pPJ-SCSsHilbYCwX99Untivk3V_fvbQqGf-8JM1a-mAA-sSZouCvxkBeOo-gZcy6a719nPdyvHZIgWciI-XWl5vbNLEfb4T5t28pAiMi44FktODnekRHN48EUZvhuupJbKNY_ESLMfChxbpLJvIYrB3Ei5Wo2MVNE1EKN3Ng3B6Iv37rVPpb6s9UA5pVIr8rLTTXMu4bVVfrlzT_mIZSxcVrg4XBMhcRL0dLQoN8y4FzgdGX6rMd7QdB5GQzXYDw_P6_uOpjvIKA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 23ms
22ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 14 Nov 2022 22:52:17 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EED7 15 KB
6 KB 73ms
21ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 22:52:17 GMT
server: Kestrel
server-processing-duration-in-ticks: 918683
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 64ms
31ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 14 Nov 2022 22:52:17 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame EED7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=zxwMs3xobFpaZFp0NmNYWE9lNmdkMmxMZkhGSEk5bUVKVVA3YU9EUm1NYVRnMHQ4YkYzNHZaaFdwMkl6SFhCTG85Mi91eFRIbVhtcVBmQ0NNWlFWSHZvWUxyVUticGtZemVSTWRzK2VDSVg2cXFOK3VNVThxMmJpejQ5bU...

422 B
648 B

65ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=zxwMs3xobFpaZFp0NmNYWE9lNmdkMmxMZkhGSEk5bUVKVVA3YU9EUm1NYVRnMHQ4YkYzNHZaaFdwMkl6SFhCTG85Mi91eFRIbVhtcVBmQ0NNWlFWSHZvWUxyVUticGtZemVSTWRzK2VDSVg2cXFOK3VNVThxMmJpejQ5bUtIZDkxZ1hSRkxic3pSZ1o3QkxpVzFFam4yYmVONHFoOVlXSmNkQTJWSUhzYndZVWJGQzYyd0FNekRGRWJDcEQ5M1lDYnQvUTlXSzNyd1hFdVZEZGhaOU12OU0zYXZHeGVPazhUY2lJeG83MW5iclEwR21saVVDeitNdVJkenpJL08xcXEwUnYwY2VhckptOEt5M0R5eW55aGh2eXdKUT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8c6ce9b4bdd47564cfde1b9b4d481ecb970ddd945dc51159fe6478133b049254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2136249
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=zxwMs3xobFpaZFp0NmNYWE9lNmdkMmxMZkhGSEk5bUVKVVA3YU9EUm1NYVRnMHQ4YkYzNHZaaFdwMkl6SFhCTG85Mi91eFRIbVhtcVBmQ0NNWlFWSHZvWUxyVUticGtZemVSTWRzK2VDSVg2cXFOK3VNVThxMmJpejQ5bUtIZDkxZ1hSRkxic3pSZ1o3QkxpVzFFam4yYmVONHFoOVlXSmNkQTJWSUhzYndZVWJGQzYyd0FNekRGRWJDcEQ5M1lDYnQvUTlXSzNyd1hFdVZEZGhaOU12OU0zYXZHeGVPazhUY2lJeG83MW5iclEwR21saVVDeitNdVJkenpJL08xcXEwUnYwY2VhckptOEt5M0R5eW55aGh2eXdKUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 603507
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=mmPM0HxTREJJcEIwYWZYeE1xUTZGZ1ZqSmxaeWVyMUV4TjhJYkkwMXc3Y0o4dVlpMVFPaVo1WVZXaW9xNXNXaldIVG05Vk02QzR5QjNWM2thQzRXTDBiaFlBbXl4WWJ3MFlnbEZ1VzEyVEdkdDdxb3RYSzl5ZUZzTnUyQ0...

415 B
691 B

15ms
14ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=mmPM0HxTREJJcEIwYWZYeE1xUTZGZ1ZqSmxaeWVyMUV4TjhJYkkwMXc3Y0o4dVlpMVFPaVo1WVZXaW9xNXNXaldIVG05Vk02QzR5QjNWM2thQzRXTDBiaFlBbXl4WWJ3MFlnbEZ1VzEyVEdkdDdxb3RYSzl5ZUZzTnUyQ0NLQld4aENQR215YUdMVlUyWlRua2dLZmNYT3RGLzh1cFlxaXEva2JxdG5qWG5uM2NSY0NxOEVhTHU3UFlHS29BRTl1bGhuaHd1UUZxR2ZmQTdPQVJ2VTU5UDllTzZMaTRBckt1and5dDIxQm9WSEhKTGNsVmZnNTZGNmsrR1B4NDF2V0RFMHpOVTROc3ZYNGVkMVh6bmxCaHRkbWJ0dz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ca99f348f58b563d6ff5a88b8809e6e61e4554073f5b0baca09e2f0d117a9175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1561640
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=mmPM0HxTREJJcEIwYWZYeE1xUTZGZ1ZqSmxaeWVyMUV4TjhJYkkwMXc3Y0o4dVlpMVFPaVo1WVZXaW9xNXNXaldIVG05Vk02QzR5QjNWM2thQzRXTDBiaFlBbXl4WWJ3MFlnbEZ1VzEyVEdkdDdxb3RYSzl5ZUZzTnUyQ0NLQld4aENQR215YUdMVlUyWlRua2dLZmNYT3RGLzh1cFlxaXEva2JxdG5qWG5uM2NSY0NxOEVhTHU3UFlHS29BRTl1bGhuaHd1UUZxR2ZmQTdPQVJ2VTU5UDllTzZMaTRBckt1and5dDIxQm9WSEhKTGNsVmZnNTZGNmsrR1B4NDF2V0RFMHpOVTROc3ZYNGVkMVh6bmxCaHRkbWJ0dz09fA&cppv=2
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 672782
content-length: 0
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 41ms
15ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 13 Nov 2022 22:52:17 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 466434
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 51F4 0
35 B 27ms
16ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 13 Nov 2022 22:52:18 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3C19 281 B
554 B 41ms
9ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 13 Nov 2022 22:52:18 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4B90 52 KB
17 KB 37ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 65400
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 13 Nov 2022 22:52:18 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 9, 822027
X-Served-By: cache-lga13626-LGA, cache-hhn4083-HHN
X-Timer: S1668379938.226839,VS0,VE0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 8B0A 3 KB
2 KB 58ms
17ms Document
text/html 104.18.12.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 769b13b5fe68902e-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:18 GMT
expires: Mon, 14 Nov 2022 02:52:18 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 16E0 37 B
140 B 36ms
10ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sun, 13 Nov 2022 22:52:18 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 71C0 52 KB
17 KB 32ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 65400
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 13 Nov 2022 22:52:18 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 9, 850278
X-Served-By: cache-lga13626-LGA, cache-hhn4075-HHN
X-Timer: S1668379938.227640,VS0,VE0

GET
H2 204 /
onetag-sys.com/usync/ Frame 425C 0
0 9ms
9ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1668379934651

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 2C07 6 KB
2 KB 27ms
26ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9ec911db2ab87570c430bedf2e40f78bfe082b195cc36075f36b1bbcbb45510

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 769b13b5cee892b4-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:18 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C1E4 15 KB
6 KB 8ms
7ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1668297600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25903
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:18 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Mon, 14 Nov 2022 06:04:01 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

GET
H/1.1 200
OK prebid
b1h-euc1.zemanta.com/usersync/ 26 B
151 B 13ms
13ms Image
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1h-euc1.zemanta.com/usersync/prebid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 22:52:18 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C1E4 2 KB
2 KB 15ms
13ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81108888&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 6ec14b673a46af1b371437aeba34714f8665b000b2a24d40421cf57160494075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sun, 13 Nov 2022 22:52:18 GMT
content-length: 1818
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3C19 33 KB
10 KB 8ms
8ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1130210f2839a120b566a95d84b393f660e1a411befdfe2b1acb7eef287c4a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 22:52:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Nov 2022 20:09:55 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=76667
Connection: keep-alive
Content-Length: 9884
Expires: Mon, 14 Nov 2022 20:10:05 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 48ms
13ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 13 Nov 2022 22:52:18 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 593841
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4B90 0
859 B 14ms
14ms Script
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:18 GMT
AN-X-Request-Uuid: 28225392-50bf-4db7-bf27-a9d6b81230a7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.205; 80.255.10.205; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 71C0 0
859 B 15ms
15ms Script
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-54-72-173-47.eu-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:18 GMT
AN-X-Request-Uuid: 7f11711f-012a-4eaa-b12f-02ac501e9466
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.205; 80.255.10.205; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 2C07 48 KB
12 KB 24ms
24ms Script
application/javascript 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 281795
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 769b13b64fac92b4-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 2575 2 KB
1 KB 30ms
30ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc633d8d4c6a7d06d8c233bb43c8cf4197fc220ecb56d8ed900a83cda98e1219

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 769b13b65f67900a-FRA
content-encoding: br
content-type: text/html
date: Sun, 13 Nov 2022 22:52:18 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EohgGjreWfo1hkSyjtrnfSMOEnZ81Y7GIizTbXdrcj1Mz3AiuRror2JxUF4MoT62cR%2BPtE8CsiSnTZYVT7YQpjYiRtUV1Do%2BQeJHQTAxhwvj8q3mWMn%2FzY6b0L6QSRTO77l6eZp%2B%2Beya%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame AF55
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=r8GQrq7Hlvm0xJOur5GKqaGWlqi0y5Kur8TPJxWV

42 B
419 B

13ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=r8GQrq7Hlvm0xJOur5GKqaGWlqi0y5Kur8TPJxWV
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 13 Nov 2022 22:52:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Sun, 13 Nov 2022 22:52:18 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=r8GQrq7Hlvm0xJOur5GKqaGWlqi0y5Kur8TPJxWV
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 559D
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7165637262425585808&gdpr=0&gdpr_consent=

42 B
298 B

13ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7165637262425585808&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 13 Nov 2022 22:52:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Sun, 13 Nov 2022 22:52:18 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7165637262425585808&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 1CE0
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDbDMwN0c0dW9BQUNCWFZVN0NTUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
433 B

30ms
30ms

Document
image/gif

54.72.173.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.173.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 43
Date: Sun, 13 Nov 2022 22:52:18 GMT
Server: gunicorn
cache-control: no-cache, must-revalidate
content-type: image/gif
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
strict-transport-security: max-age=2592000; includeSubDomains

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 13 Nov 2022 22:52:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6973
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xrla2sUSRZ5DAL7wa6Qxz1D_Cs0

42 B
266 B

13ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xrla2sUSRZ5DAL7wa6Qxz1D_Cs0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 13 Nov 2022 22:52:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Sun, 13 Nov 2022 22:52:18 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xrla2sUSRZ5DAL7wa6Qxz1D_Cs0

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame C1E4
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&addseg=19,36,42

0
0

82ms
20ms

Image
application/json

185.64.190.87
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Server: 185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

date: Sun, 13 Nov 2022 22:52:18 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame C1E4
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

29ms
28ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: HTTP/1.1
Server: 77.243.60.138 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:25 GMT
frontend-id: 15
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:25 GMT
frontend-id: 7
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame C1E4 95 B
382 B 54ms
21ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:18 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 769b13b69912bbfe-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200

p
a.audrte.com/ Frame C1E4
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16
https://a.audrte.com/p

68 B
424 B

92ms
92ms

Image
image/png

52.73.233.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: HTTP/1.1
Server: 52.73.233.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-233-198.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 22:52:18 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sun, 13 Nov 2022 22:52:18 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C1E4
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://x.bidswitch.net/sync?dsp_id=59&user_id=e914f2bf-ce57-4d2f-9fbf-9cb1e209ccb4&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=03cd92d6-409f-4981-b191-6a6a5291b18f&gdpr=&gdpr_consent=&gdpr_pd=

1 B
165 B

13ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=03cd92d6-409f-4981-b191-6a6a5291b18f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 13 Nov 2022 22:52:17 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=03cd92d6-409f-4981-b191-6a6a5291b18f&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sun, 13 Nov 2022 22:52:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 E38BD62B-5B53-45AF-9D2C-894F68FDDC16
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C1E4 43 B
601 B 36ms
33ms Image
image/gif 2a05:d018:d29:3605:aa90:4442:d391:12dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/E38BD62B-5B53-45AF-9D2C-894F68FDDC16?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:aa90:4442:d391:12dd Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame C1E4
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wR3R1o1E2uWNnT4AQR5NmSx_gYjTg6U-~A&gdpr=0&gdpr_consent=

0
128 B

20ms
18ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wR3R1o1E2uWNnT4AQR5NmSx_gYjTg6U-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:18 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-wR3R1o1E2uWNnT4AQR5NmSx_gYjTg6U-~A&gdpr=0&gdpr_consent=
date: Sun, 13 Nov 2022 22:52:18 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame C1E4 0
103 B 38ms
13ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E38BD62B-5B53-45AF-9D2C-894F68FDDC16&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:18 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame C1E4 0
191 B 26ms
23ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:18 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame C1E4
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8121903843134960957&gdpr=0&gdpr_consent=&us_privacy=

1 B
194 B

13ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8121903843134960957&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 13 Nov 2022 22:52:17 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8121903843134960957&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:17 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 54C2 0
563 B 31ms
31ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 769b13b67fe492b4-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:18 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 1468 0
0 29ms
8ms Document
text/plain 3.122.48.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.48.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-48-34.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Sun, 13 Nov 2022 22:52:18 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 2575 43 B
855 B 385ms
96ms Image
image/gif 209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y3F1H90V5uXLOufgSEsR6AAAFDwAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:18 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VY3T7WKPDN2G9SD1ZKB9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 2575
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y3F1H90V5uXLOufgSEsR6AAAFDwAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFNVtrt12G7OXtd3lwKdcJI&google_cver=1

43 B
839 B

30ms
30ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFNVtrt12G7OXtd3lwKdcJI&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viZ0osazghyTVqjteQOHnnPWhYu05IrR4xmb3HpMrpYjOIPOghBBo90z%2FhOKIqfsZdjEbeOZKNzvFX01hv3nRC4K2ha7oUCiRAUWBQ06k9P6gOmCFwFVwrcMOIcoVWZxbzau7OjUjysV0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 769b13b6bfea900a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFNVtrt12G7OXtd3lwKdcJI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2575
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y3F1H90V5uXLOufgSEsR6AAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELk5tajXrITPgHpat5gIkC4&google_cver=1

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELk5tajXrITPgHpat5gIkC4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELk5tajXrITPgHpat5gIkC4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 2575 70 B
264 B 39ms
35ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 2575
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=9079230091351378520&expiration=1669589538

43 B
766 B

50ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=9079230091351378520&expiration=1669589538
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=9079230091351378520&expiration=1669589538
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Y3F1H90V5uXLOufgSEsR6AAAFDwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2575 43 B
601 B 35ms
31ms Image
image/gif 2a05:d018:d29:3605:aa90:4442:d391:12dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y3F1H90V5uXLOufgSEsR6AAAFDwAAAAB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:aa90:4442:d391:12dd Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

crum
dsum.casalemedia.com/ Frame 2575
Redirect Chain

https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=9042649650226842289

43 B
878 B

75ms
39ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=9042649650226842289
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGvOujd9V56JGII%2BrzyU2t5%2FEHldp84E9dG05YXZR2d3B3dkK5MEV1m6w6x%2F4vlSvkNM5Mphwqoq%2BPJPtuIOm%2F%2BU64YrGXSsNVRuCTP6KCsxWGrxkiTlED1%2Fx2s%2Bou5tcjPnmCWq"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 769b13b6fb1d91f3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Date: Sun, 13 Nov 2022 22:52:18 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.205; 80.255.10.205; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9694e87a-ea61-47dd-bb00-a2692d818c01
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=9042649650226842289
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Y3F1H90V5uXLOufgSEsR6AAAFDwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2575
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y3F1H90V5uXLOufgSEsR6AAAFDwAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://pr-bh.ybp.yahoo.com/sync/casale/Y3F1H90V5uXLOufgSEsR6AAAFDwAAAAB

43 B
601 B

33ms
31ms

Image
image/gif

2a05:d018:d29:3605:aa90:4442:d391:12dd
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y3F1H90V5uXLOufgSEsR6AAAFDwAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Server

2a05:d018:d29:3605:aa90:4442:d391:12dd Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/Y3F1H90V5uXLOufgSEsR6AAAFDwAAAAB
date: Sun, 13 Nov 2022 22:52:18 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 2575 43 B
352 B 51ms
15ms Image
image/gif 104.18.13.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y3F1H90V5uXLOufgSEsR6AAA%265180
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:18 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 1241
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 769b13b6d8308fe3-FRA
content-length: 43
expires: Mon, 14 Nov 2022 22:52:18 GMT

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame 9D13
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=71f50e5fc66713a52716e1e4731ef6bc

43 B
1 KB

25ms
25ms

Document
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=71f50e5fc66713a52716e1e4731ef6bc

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid: c7e15fa9-d3c0-422d-b197-5f6df842df24
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 13 Nov 2022 22:52:18 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 80.255.10.205; 80.255.10.205; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 769b13b6d86692b4-FRA
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:18 GMT
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=71f50e5fc66713a52716e1e4731ef6bc
server: cloudflare

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3C19
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DJykAJawR9KxFC8gPfp9uA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DJykAJawR9KxFC8gPfp9uA

43 B
479 B

98ms
98ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DJykAJawR9KxFC8gPfp9uA

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:18 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0NX70H5AS80BZDDQD82Z
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DJykAJawR9KxFC8gPfp9uA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3C19
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGhRhZX-QnLCWk9Tv0K9gbE&google_cver=1

0
239 B

9ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGhRhZX-QnLCWk9Tv0K9gbE&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGhRhZX-QnLCWk9Tv0K9gbE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3C19
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ikGQGP57RoqFDJM2UT_EIw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ikGQGP57RoqFDJM2UT_EIw

43 B
479 B

35ms
34ms

Image
image/gif

67.220.228.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ikGQGP57RoqFDJM2UT_EIw

Protocol

HTTP/1.1

Server

67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:18 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FKJ29XB4KAPJ7NDQ73SR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ikGQGP57RoqFDJM2UT_EIw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 3C19 70 B
264 B 38ms
35ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 13 Nov 2022 22:52:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3C19
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/CQI1BX_mleh2YAqwrQdcQA?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6738300090233035730

0
239 B

9ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6738300090233035730
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 13 Nov 2022 22:52:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6738300090233035730
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C19
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWUM0STAtSS1DQ1JZ

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWUM0STAtSS1DQ1JZ

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFGWUM0STAtSS1DQ1JZ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 3C19
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAFYC4I0-I-CCRY

0
707 B

220ms
188ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAFYC4I0-I-CCRY
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:52:18 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 989751E78E14470693968AA90FCC3185 Ref B: DUS30EDGE0915 Ref C: 2022-11-13T22:52:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXtYfmW5OPsZtUJptUGNw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAFYC4I0-I-CCRY
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C19
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTE3NDJmM2RkZmFkMmYzMjUwNTg1ODk3MDRhZjEwOWViZWJhYzMxYQ

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTE3NDJmM2RkZmFkMmYzMjUwNTg1ODk3MDRhZjEwOWViZWJhYzMxYQ

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 22:52:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTE3NDJmM2RkZmFkMmYzMjUwNTg1ODk3MDRhZjEwOWViZWJhYzMxYQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 3BC2 1 KB
834 B 55ms
44ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 769b13b739c79a03-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:18 GMT
server: cloudflare

GET
H/1.1

200
OK

getuid Show response
sync.smartadserver.com/ Frame C615
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

0
75 B

21ms
21ms

Document
text/plain

185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sun, 13 Nov 2022 22:52:17 GMT

Redirect headers

cache-control: no-cache,no-store
content-length: 0
date: Sun, 13 Nov 2022 22:52:17 GMT
location: https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

GET
H3 204 1
sync-eu.connectad.io/syncer/ Frame 1B06 0
0 22ms
21ms Document
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 769b13b78a5e9a03-FRA
date: Sun, 13 Nov 2022 22:52:18 GMT
server: cloudflare
via: 1.1 google

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame F3BC 0
0 10ms
9ms Document
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0309 15 KB
6 KB 9ms
9ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=25903
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:18 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Mon, 14 Nov 2022 06:04:01 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

GET
H2

200

d379414e-63a5-11ed-a9da-1ee5b9e10506 Show response
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 3FC7
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=d3794188-63a5-11ed-a9da-1ee5b9e10506
https://csync.smilewanted.com/set_partner_userid_get/spotx/d379414e-63a5-11ed-a9da-1ee5b9e10506

0
797 B

27ms
27ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/spotx/d379414e-63a5-11ed-a9da-1ee5b9e10506
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 769b13b91bc992b4-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:18 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Sun, 13 Nov 2022 22:52:18 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/spotx/d379414e-63a5-11ed-a9da-1ee5b9e10506
Server: nginx
X-fe: 134

GET
H2

200

/ Show response
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 6D9D
Redirect Chain

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

0
103 B

34ms
34ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 769b13bd9b1492b4-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:19 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 92
Content-Type: text/html; charset=utf-8
Date: Sun, 13 Nov 2022 22:52:19 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma: no-cache

GET /
csync.loopme.me/ Frame 9BB0 0
0

GET
H2

200

y-V.kV1tNE2uH4VJyuLn3gMTqsg_pHgTnUEt4dLIo-~A&gdpr=0&gdpr_consent= Show response
csync.smilewanted.com/set_partner_userid_get/yahoo/ Frame 90AA
Redirect Chain

https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-V.kV1tNE2uH4VJyuLn3gMTqsg_pHgTnUEt4dLIo-~A&gdpr=0&gdpr_consent=

0
664 B

33ms
32ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-V.kV1tNE2uH4VJyuLn3gMTqsg_pHgTnUEt4dLIo-~A&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 769b13b96c5c92b4-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 13 Nov 2022 22:52:18 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

age: 0
content-length: 0
date: Sun, 13 Nov 2022 22:52:18 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-V.kV1tNE2uH4VJyuLn3gMTqsg_pHgTnUEt4dLIo-~A&gdpr=0&gdpr_consent=
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4B90 0
859 B 19ms
19ms Script
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Nov 2022 22:52:19 GMT
AN-X-Request-Uuid: 238c747f-51b4-4cbc-8f7e-1334ea3eafa8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.10.205; 80.255.10.205; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 71C0 0
859 B 15ms
15ms Script
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS