www.walla.co.il Open in urlscan Pro
52.85.24.22 Public Scan

URL: https://mail.walla.co.il/

URL: https://mobile.walla.co.il/?utm_source=walla&utm_medium=desktop_hp_top_cpm_W&utm_campaign=Promotion_Sep&lm_supplier=39239&lm_bc=26127
Title: וואלה! mobileבמבצע השקה

URL: https://news.walla.co.il/
Title: חדשות

URL: https://elections.walla.co.il/
Title: בחירות 2022

URL: https://sports.walla.co.il/
Title: ספורט

URL: https://finance.walla.co.il/
Title: כסף

URL: https://e.walla.co.il/
Title: תרבות

URL: https://celebs.walla.co.il/
Title: סלבס

URL: https://food.walla.co.il/
Title: אוכל

URL: https://fashion.walla.co.il/
Title: אופנה

URL: https://healthy.walla.co.il/
Title: בריאות

URL: https://travel.walla.co.il/
Title: תיירות

URL: https://tech.walla.co.il/
Title: טכנולוגיה

URL: https://cars.walla.co.il/
Title: רכב

URL: https://www.sheee.co.il/
Title: Sheee

URL: https://nadlan.walla.co.il/
Title: נדל"ן

URL: https://www.wallashops.co.il/?utm_source=wallahp1&utm_medium=walla&utm_campaign=hpnemalakniut_1
Title: קניות

URL: https://www.drushim.co.il/
Title: דרושים

URL: https://www.yad2.co.il/?utm_source=walla&utm_medium=logo

URL: https://b.walla.co.il/
Title: ברנז'ה

URL: https://marketing.walla.co.il/
Title: שיווק ודיגיטל

URL: https://mekomi.walla.co.il/
Title: מקומי

URL: https://home.walla.co.il/
Title: בית

URL: https://horoscope.walla.co.il/zodiacs
Title: הורוסקופ

URL: https://gaming.walla.co.il/
Title: גיימינג

URL: https://fun.walla.co.il/
Title: משחקים

URL: https://fantasy-sport1.walla.co.il/?utm_source=app&utm_medium=hamburger&utm_campaign=RM_WallaSport
Title: ליגת החלומות

URL: https://healthy.walla.co.il/category/594
Title: הורות וילדים

URL: https://judaism.walla.co.il/
Title: יהדות

URL: https://law.walla.co.il/
Title: משפטי

URL: https://mazaltov.walla.co.il/
Title: וואלה! מזל טוב

URL: https://now.walla.co.il/
Title: NOW

URL: https://calendar.walla.co.il/
Title: לוח שנה

URL: https://tv-guide.walla.co.il/
Title: לוח שידורים

URL: https://walla.co.il/shabbat-times
Title: כניסת שבת

URL: https://www.b144.co.il/?sitecode=10&subsitecode=1406&site=walla&utm_source=walla&utm_medium=header
Title: B144

URL: https://mazaltov.walla.co.il/weddingdresses/
Title: שמלות כלה

URL: https://tld.walla.co.il/
Title: טוב לדעת

URL: https://beauty.walla.co.il/
Title: ביוטי

URL: https://perfectmatch.walla.co.il/
Title: חיבורים מושלמים

URL: https://mumlazim.walla.co.il/
Title: מומלצים

URL: https://b144.walla.co.il/
Title: עסקים קטנים

URL: https://yoram.walla.co.il/
Title: לימודים

URL: https://career.walla.co.il/
Title: חיפוש עבודה

URL: https://paisculture.walla.co.il/
Title: פיס בתרבות

URL: https://tmirecycle.walla.co.il/
Title: קיץ של מחזור

URL: https://starkist.walla.co.il/
Title: כל מה שטוב בטונה

URL: https://dogsandcats.walla.co.il/
Title: כלבים וחתולים

URL: https://galil.walla.co.il/
Title: גליל, תשאלו כל דחליל

URL: https://yarokkl.walla.co.il/
Title: שומרים על כדור הארץ

URL: https://daciatrips.walla.co.il/
Title: מבשלים מהשטח

URL: https://www.wallashops.co.il/%D7%9E%D7%91%D7%A6%D7%A2%D7%99%D7%9D-3?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=mivtzeim
Title: מבצעים

URL: https://www.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=wallashops
Title: וואלה! שופס

URL: https://eilat.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=EILAT
Title: וואלה! שופס אילת

URL: https://www.wallatours.co.il/zimmer/
Title: צימרים

URL: https://www.wallaprint.co.il/?utm_source=WALLA&utm_medium=HP&utm_campaign=PRINTtext
Title: אלבומים

URL: https://tld.walla.co.il/category/13221
Title: weshow

URL: https://vod.walla.co.il/movies
Title: סרטים

URL: https://vod.walla.co.il/tvshows
Title: סדרות

URL: https://viva.walla.co.il/
Title: ויוה

URL: https://www.facebook.com/wallanews

URL: https://twitter.com/WallaNews

URL: https://www.instagram.com/wallanews/

URL: https://www.tiktok.com/@walla.news

URL: https://help.walla.co.il/
Title: עזרה

URL: https://help.walla.co.il/section/12344
Title: כתבו לנו

URL: https://dcx.walla.co.il/walla/terms/terms.pdf
Title: תנאי שימוש

URL: https://dcx.walla.co.il/walla_news_files/a516a87cfcaef229b342c437fe2b95f7.pdf
Title: מדיניות פרטיות

URL: https://apps.walla.co.il/
Title: אפליקציות

URL: https://www.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=kniyot
Title: קניות

URL: https://bit.ly/3tk0q7d
Title: קניות!באילת

URL: https://bit.ly/3cy45s1
Title: וואלה!פרינט

URL: https://healthy.walla.co.il/category/13034
Title: הורים טריים

URL: https://horoscope.walla.co.il/
Title: הורוסקופ

URL: https://vod.walla.co.il/hot
Title: HOT VOD

URL: https://news.walla.co.il/breaking
Title: מבזקי חדשות

URL: https://news.walla.co.il/break/3533325
Title: 10:27בולגריה: האזרחים מצביעים בבחירות רביעיות בפחות משנתיים

URL: https://news.walla.co.il/break/3533311
Title: 09:40נתניהו: הסכם עם לבנון לא יחייב אותנו

URL: https://news.walla.co.il/break/3533297
Title: 08:58כוויית: הממשלה הגישה את התפטרותה לנסיך הכתר

URL: https://news.walla.co.il/break/3533339
Title: 11:23סוהרת נדקרה בכלא רמון על ידי מבקרת; מצבה קל

URL: https://bit.ly/3QIYsbr

URL: https://e.walla.co.il/item/3533233

URL: https://sports.walla.co.il/item/3533191
Title: השער של דין דוד כיכב בכל העולם: "גול נדיר ביופיו!"

URL: https://sports.walla.co.il/item/3532929
Title: 3:3 משוגע לליברפול, ארסנל וצ'לסי הפגיזו

URL: https://sports.walla.co.il/item/3533084
Title: נדיר: מולר כבש אחרי פאדיחה של השוער, והתנצל בפניו

URL: https://sports.walla.co.il/item/3533117
Title: אליאס סידר לבאר שבע 1:2 דרמטי על מכבי נתניה

URL: https://elections.walla.co.il/item/3533216
Title: חושש מ"מעשה בנט"נתניהו בשיחות סגורות: אם שקד תעבור - היא תסחט ממני את ראשות הממשלה כמו בנט

URL: https://food.walla.co.il/item/3533139
Title: המאמות שולטותבואו רעבים, בואו להסתער: שוק האוכל הנשכח של ת"א

URL: https://home.walla.co.il/item/3532653
Title: צפוסולמות, ארנבים, קסמים: בית-טבע מדהים באמצע העיר

URL: https://paisculture.walla.co.il/item/3531403
Title: בשיתוף מפעל הפיס, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.סוכות בחינם ולכולם: המיזם שמשלב בין הופעות, טיולים ותרבותבשיתוף מפעל הפיס

URL: https://news.walla.co.il/item/3533228
Title: בן 14 עם גרזןמגיע לחנות, מאיים על המוכרת ומרוקן את הקופה. צפו

URL: https://travel.walla.co.il/item/3533267
Title: צפונוסע עלה לטיסה עם "מחבלת-מטוסים" על החולצה. הבנתם?

URL: https://celebs.walla.co.il/item/3533262
Title: צפומצחיקים, לוהטים, חוגגים: המסיבה של "ארץ נהדרת"

URL: https://daciatrips.walla.co.il/item/3530491
Title: בשיתוף דאצ'יה, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הילדים ישתגעו: פרנץ' טוסט שמכינים בתנאי שטחבשיתוף דאצ'יה

URL: https://travel.walla.co.il/category/13257
Title: מדריך הטיולים והאירועים של החגים

URL: https://healthy.walla.co.il/item/3531657
Title: איך מתחילים להתאמן אחרי כל זה? מאמן מסבירעומר רוזנברג

URL: https://finance.walla.co.il/item/3530874
Title: לא אצל החרדים: הסופר שיחסוך לכם 200 שקל מהעגלהד"ר חזי גור מזרחי

URL: https://tld.walla.co.il/item/3526320?lm_supplier=16893&lm_bc=9701
Title: המים האיכותיים של מי עדן - אצלכם בבית בבר מים קומפקטי ומעוצבמוגש מטעם מי עדן

URL: https://www.outbrain.com/what-is/default/he

URL: https://news.walla.co.il/item/3533279
Title: נתניהו: ההסכם הימי עם לבנון "לא חוקי ולא יחייב אותנו"

URL: https://news.walla.co.il/item/3533335
Title: למרות הטליבאן: הנשים האפגניות מפגינות נגד החיג'אב

URL: https://news.walla.co.il/item/3533206
Title: "קרה לי נס": המחבלים ירו, האוטובוס הממוגן הגן על המונית

URL: https://news.walla.co.il/item/3533314
Title: הסוד מאחורי עגילי היהלומים של מייגן מרקל

URL: https://news.walla.co.il/item/3533291
Title: ברזיל בוחרת נשיא שיקבע את כיוונה של הכלכלה הגדולה באמריקה הלטינית

URL: https://news.walla.co.il/item/3533062
Title: הדמוקרטיה באירופה מתמודדת עם סערה - ולא ברור אם תשרוד אותה

URL: https://elections.walla.co.il/category/13220
Title: טורים

URL: https://elections.walla.co.il/category/13222
Title: לא מצונזר

URL: https://elections.walla.co.il/category/13216
Title: אולפן וואלה

URL: https://elections.walla.co.il/category/13217
Title: כל הכתבות

URL: https://news.walla.co.il/item/3533180
Title: האם הכרזת מיכאלי מסתכמת בפארסה פוליטית? | קינן כהן

URL: https://elections.walla.co.il/item/3532830
Title: גרסת ההפעלה של נתניהו בבחירות החמישיות | ברוך קרא

URL: https://elections.walla.co.il/item/3532949
Title: נתניהו הקדים את פרסום ספרו - לשבועיים לפני הבחירות

URL: https://elections.walla.co.il/item/3532747
Title: שוב זה הוכח: המרכז שמאל מנותק מהערבים | עפיף אבו-מוך

URL: https://news.walla.co.il/category/5108
Title: אסור לפספס

URL: https://fashion.walla.co.il/item/3533248
Title: בלה חדיד עלתה ערומה למסלול - ואז קרה קסם

URL: https://home.walla.co.il/item/3532098
Title: החלק שלא ידעתם שקיים במיקרוגל וחייב ניקוי דחוף

URL: https://tld.walla.co.il/item/3526320?lm_supplier=16893&lm_bc=18422
Title: מוגש מטעם מי עדן, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מי עדן - עכשיו בבר מים ביתי קומפקטי שכולו סטיילמוגש מטעם מי עדן

URL: https://travel.walla.co.il/item/3530877
Title: נפל ערום 90 מ' לחריץ בין סלעים ולא מבין איך הגיע לשם

URL: https://sports.walla.co.il/item/3533221
Title: הולוגרמה של מספר 7: מה באמת עבר על ערן זהבי במשחק העונה?

URL: https://sports.walla.co.il/item/3533252
Title: תיעוד מזעזע: המחדל מאחורי "אסון הכדורגל הכי כבד שהיה"

URL: https://sport1.maariv.co.il/square/article/960205/
Title: הסיבה לפוסט המתחנף? "מאורו איקרדי מפחד להיזרק לרחוב"

URL: https://sports.walla.co.il/item/3533287
Title: הלם באמריקה: "רמאות מדהימה" וסקנדל באליפות הדיג

URL: https://sports.walla.co.il/item/3533188
Title: צ'אבי שבר את שיאו של זידאן, לבנדובסקי "החלוץ הטוב בעולם"

URL: https://tld.walla.co.il/item/3495186
Title: מוגש מטעם בי קיור לייזר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בי-קיור לייזר במבצע התנסות במחיר חסר תקדים (תוכן מקודם)מוגש מטעם בי קיור לייזר

URL: https://tld.walla.co.il/item/3512046
Title: מוגש מטעם בי קיור לייזר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מהפכת טיפולי הפנים: בינה מלאכותית במכשיר ביתי (תוכן מקודם)מוגש מטעם בי קיור לייזר

URL: https://tld.walla.co.il/item/3526320?lm_supplier=16893&lm_bc=9857
Title: מוגש מטעם מי עדן, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מי עדן אצלכם בבית בבר מים קומפקטי ועוצב (תוכן מקודם)מוגש מטעם מי עדן

URL: https://tld.walla.co.il/item/3446048?lm_supplier=16893&lm_bc=9857
Title: מוגש מטעם א.ד. הזכויות בע"מ, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מגיע לכם תו חניית נכה? ככה תשיגו אותו (תוכן מקודם)מוגש מטעם א.ד. הזכויות בע"מ

URL: https://fantasy-sport1.walla.co.il/?utm_source=WallaDesktop&utm_medium=bannerHP&utm_campaign=RM_WallaSport

URL: https://e.walla.co.il/item/3533261
Title: המלצת כיפור: גם העונה החדשה היא הבינג' הכי מושלם בנטפליקס

URL: https://e.walla.co.il/item/3533078
Title: ששון גבאי אדיר, גם ריטה שוקרון נפלאה. איזה סרט מעולה

URL: https://e.walla.co.il/item/3533255
Title: לזכרו: קבלו את הדואט החדש בין נועה קירל וצביקה פיק (!)

URL: https://law.walla.co.il/item/3531197
Title: בשיתוף zap משפטי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.צפו: אולי גם אתם זכאים לדרכון רומניבשיתוף zap משפטי

URL: https://law.walla.co.il/item/3531469
Title: בשיתוף zap משפטי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.חדלות פירעון: תיק לא שגרתי זכה להפחתות חוב משמעותיותבשיתוף zap משפטי

URL: https://law.walla.co.il/item/3530312
Title: בשיתוף zap משפטי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.תוספות בנייה בבתים משותפים: מה קורה כשהשכנים מתנגדים?בשיתוף zap משפטי

URL: https://paisculture.walla.co.il/item/3531136
Title: בשיתוף מפעל הפיס, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.קובי פרג': "הייתי בעולם הילדים ולא הייתי מסופק כשחקן. הדוקו פרץ את הגבול הזה"בשיתוף מפעל הפיס

URL: https://finance.walla.co.il/item/3529767
Title: בשיתוף בנק הפועלים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בנקאות על גלגלים: הסניף הנייד של בנק הפועלים מגיע עד אליכםבשיתוף בנק הפועלים

URL: https://hazihinam.walla.co.il/item/3529946
Title: בשיתוף חצי חינם, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.דגים חריפים לשולחן החג שכו-לם אוהביםבשיתוף חצי חינם

URL: https://yarokkl.walla.co.il/item/3529026
Title: בשיתוף קק"ל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.אגמון החולה: הפרויקט החדש שיאפשר לציפורים הנודדות להגיע אליכם לסלוןבשיתוף קק"ל

URL: https://track.adform.net/c/?bn=56167187;rtbdata=JM0MzCoBr3psAvogrZU3fGsMJauYuieMeqlQ3xll4Le8ZXHPlvdrTrQSuH5_hfCmh16XdaV2C_nb20X6rUKqap3Y2NOdMfBE09ozZztfyqi3BUbtRNhHAAFeFsp3Z4bOR5uKsSGXkli9_k8A9TkUmSmgMgmJ06dLVpryJusTa0FodOxc2CfdQw2;rtbwp=0.0866;adfrnd=1793700952;crefurl=http%3a%2f%2fwww.walla.co.il%2f&obOrigUrl=true
Title: Die ganze Welt der Technik Conrad | ממומן

URL: https://shefence-citional.com/c351a234-e6d9-4bf6-800c-f99fb09a6b14?utm_source=ob&utm_campaign=ProstateDE_DesktoptCPA_2309&utm_term=$section_name$&utm_content=00c8d3f24c954055fe35a7ad2619f62559-Urologe%3A+Tun+Sie+dies+einmal+t%C3%A4glich+um+vergr%C3%B6%C3%9Ferte+Prostata+zu+schrum&t=$ob_click_id$&dt=ob&obOrigUrl=true
Title: Urologe: Tun Sie dies einmal täglich um vergrößerte Prostata zu schrumpfen Prostata Gesundheit | ממומן

URL: https://tld.walla.co.il/item/3249021?lm_supplier=17030&lm_bc=24847&obOrigUrl=true
Title: מרגישים בטטות כורסא ורוצים לעשות שינוי? שחיית חתירה היא הדרך הטובה ביותר להתחיל וואלה! טוב לדעת

URL: https://celebs.walla.co.il/item/3531451?obOrigUrl=true
Title: בין תחתון לריאיון: היממה העמוסה של דיאן שוורץ סלבס

URL: https://experis.co.il/kickstart/?utm_source=walla&utm_medium=circle&utm_content=hitech_career_change
Title: הסבה להייטק

URL: https://www.manpower.co.il/?utm_source=walla&utm_medium=circle&utm_content=job_search
Title: עבודה בהייטק

URL: https://jobs.experis.co.il/?utm_source=walla&utm_medium=circle&utm_content=hitech_job
Title: חיפוש עבודה

URL: https://finance.walla.co.il/item/3533249
Title: סוכת שלום: מה אפשר ללמוד מההסכם החשוב עם לבנון?

URL: https://finance.walla.co.il/item/3532946
Title: מדינה בחרדה: למה הישראלים לא מפסיקים לקנות מצלמות נסתרות?

URL: https://finance.walla.co.il/item/3533292
Title: אינדיאנה ג'ונס ושוד העתיקות בחוף פלמחים: מי אחראי?

URL: https://finance.walla.co.il/item/3533336
Title: הבנקים יחוייבו לפרסם את הריבית על המינוס ועל הפיקדונות

URL: https://nadlan.walla.co.il/item/3532917
Title: החל משנת הלימודים הקרובה: מתחם מגורים סטודנטיאלי ראשון מסוגו בחולון

URL: https://nadlan.walla.co.il/item/3532723
Title: בעקבות סערת הדר מוכתר: איך נוכל להעניק דירה לילדינו?

URL: https://mekomi.walla.co.il/item/3532760
Title: בשיתוף עיריית גבעתיים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הופעות, אוכל רחוב והרבה יין: ביקרנו בפסטיבל הצבעוני של גבעתייםבשיתוף עיריית גבעתיים

URL: https://celebs.walla.co.il/item/3533269
Title: "זה דוחה, לא אנושי": הסערה החדשה של בן זיני

URL: https://celebs.walla.co.il/item/3533063
Title: מבזק מיוחד: כתבי חדשות 13 ליאור קינן וספי עובדיה התחתנו!

URL: https://celebs.walla.co.il/item/3532840
Title: טראמפ ותקיפות מיניות: המחאות שכבשו את הוליווד

URL: https://now.walla.co.il/item/3532575
Title: איך המרגש? תפוח ב...

URL: https://now.walla.co.il/item/3532570
Title: מה תאחלו לעצמכם לשנה החדשה?

URL: https://www.manpower.co.il/?utm_source=walla&utm_medium=content&utm_campaign=jobs_search_new

URL: https://healthy.walla.co.il/item/3532600
Title: התזונה הפופולרית הזו מעלה מאוד את הסיכון לדיכאון

URL: https://healthy.walla.co.il/item/3530982
Title: זה מה שרכיבה על אופניים תעשה לגוף (ולנפש) שלכם

URL: https://healthy.walla.co.il/item/3532631
Title: אישה אושפזה אחרי שכלבה שלשלה לה על הפנים בזמן שישנה

URL: https://healthy.walla.co.il/item/3532698
Title: בשיתוף SyqeAir, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.אוטיזם וקנביס: האם נמצא פתרון לרווחה נפשית למטופלים?בשיתוף SyqeAir

URL: https://healthy.walla.co.il/item/3532602
Title: בשיתוף דנונה שטראוס, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.אפילו באלסקה: על מה מיקי ברקוביץ פשוט לא מוכן לוותר?בשיתוף דנונה שטראוס

URL: https://healthy.walla.co.il/item/3531689
Title: המקרים בהם כדאי להשלים עם זה שהילד לא מתנהג אחרת

URL: https://healthy.walla.co.il/item/3388277
Title: איך משחררים את רגשות האשם? מדריך מיוחד להורים

URL: https://e.walla.co.il/category/12992

URL: https://e.walla.co.il/item/3533294
Title: פרס מפעל חיים ומופע חדש: גם בגיל 70 - חנה לסלאו לא עוצרת

URL: https://e.walla.co.il/item/3533289
Title: תחקיר "המקור" על חקירת האונס במצ"ח: האם חייל חף מפשע יושב בכלא?

URL: https://e.walla.co.il/item/3533283
Title: משחקי השף | חולת הסוכרת, שהתאהבה במטבח - ועבדה אצל רז רהב

URL: https://e.walla.co.il/item/3532649
Title: מהיר, עצבני ומחתרתי: חובבי שדרוג כלי הרכב שפועלים מתחת לרדאר

URL: https://food.walla.co.il/category/13249
Title: מתכונים ליום כיפור

URL: https://food.walla.co.il/recipe/641210
Title: מתכון לפנקייק

URL: https://food.walla.co.il/recipes
Title: מתכונים

URL: https://food.walla.co.il/item/3003916
Title: מהמרק ועד הלפתן: ארוחה מפסקת שתעשה אתכם שבעים

URL: https://food.walla.co.il/item/3532845
Title: העוגיות האלה הן כל מה שצריך בצאת הצום (וכל יום אחר בשנה)

URL: https://food.walla.co.il/item/3532385
Title: באזור תעשייה שומם מסתתר אוכל איטלקי מושלם

URL: https://career.walla.co.il/item/3528833
Title: בשיתוף Manpower, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מתי צריך לשנמך את קורות החיים וכיצד לעשות את זה?בשיתוף Manpower

URL: https://career.walla.co.il/item/3528831
Title: בשיתוף Manpower, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.עד כמה היציבות התעסוקתית עדיין משחקת תפקיד בשוק העבודה?בשיתוף Manpower

URL: https://career.walla.co.il/item/3509333
Title: בשיתוף Manpower, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.זום, עבודה היברידית ומבחני בית: כך השתנה שוק העבודה בישראלבשיתוף Manpower

URL: https://fashion.walla.co.il/item/3532782
Title: מדיאנה ועד קריס ג'נר: לא תאמינו איזה אקססורי עושה קאמבק

URL: https://fashion.walla.co.il/item/3532786
Title: המלצות רותחות לאירועי אופנה ושופינג בחגים!

URL: https://fashion.walla.co.il/item/3532718
Title: נוסעות למדריד? סיורי האופנה והסטיילינג ששווה שתכירו

URL: https://www.sheee.co.il/item/3317163
Title: שאלון הסליחות הגדול: גלו אם צריך להתנצל השנה וכמה

URL: https://www.sheee.co.il/item/3187107
Title: רוצה צום קל? אלו ההכנות שצריך לעשות כבר מהיום

URL: https://travel.walla.co.il/item/3533250
Title: מתי נתב"ג ייסגר ביום כיפור ומהם הימים העמוסים בסוכות

URL: https://travel.walla.co.il/item/3529821
Title: טסנו מנתב"ג 50 דקות ופתאום גילינו את ה"מלדיביים של סיני"

URL: https://tmirecycle.walla.co.il/item/3519483
Title: בשיתוף תאגיד המיחזור תמיר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית."המהפכה מתרחשת עכשיו": הצצה למפעלי המיחזורבשיתוף תאגיד המיחזור תמיר

URL: https://tmirecycle.walla.co.il/item/3523332
Title: בשיתוף תאגיד המיחזור תמיר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית."זה הכי פשוט בעולם": האם הישראלים מזהים את הסימנים?בשיתוף תאגיד המיחזור תמיר

URL: https://tmirecycle.walla.co.il/item/3518707
Title: בשיתוף תאגיד המיחזור תמיר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בלי להתבלבל: כך סימון קטן אחד צפוי לחולל שינוי גדולבשיתוף תאגיד המיחזור תמיר

URL: https://tech.walla.co.il/item/3528546
Title: כדאי לשדרג? בדקנו את האיירפודס פרו 2

URL: https://tech.walla.co.il/item/3533082
Title: עד כמה המצלמה של האייפון 14 פרו טובה? מחקר בדק

URL: https://tech.walla.co.il/item/3533239
Title: הסוף למטלות משעממות? טסלה חשפה את הרובוט האנושי שלה

URL: https://tech.walla.co.il/item/3533061
Title: אוזניות גלקסי Buds 2 Pro: צעד קטן לאוזניים

URL: https://tech.walla.co.il/item/3533220
Title: ת"א, חיפה וים המלח: אסטרונאוטית צילמה את ישראל מהחלל

URL: https://tech.walla.co.il/item/3532508
Title: קמיקזה: טלסקופ צילם את התנגשות החללית באסטרואיד

URL: https://marketing.walla.co.il/item/3533271
Title: מודל נשי חדש סוחף את עולם הפרסום

URL: https://marketing.walla.co.il/item/3532327
Title: זאביק דרור: "יח"צ ומשפיענים פרחו אחרי הקורונה"

URL: https://b.walla.co.il/item/3532922
Title: דווקא רגע לפני הבחירות, יאיר לפיד עשה טעות של שמאלנים

URL: https://b.walla.co.il/item/3532784
Title: הקונדום ביד של הכתבת הסיח את דעת הצופים

URL: https://gaming.walla.co.il/item/3532914
Title: השקת פיפ"א 23: בואו לזכות בעותקים של המשחק

URL: https://gaming.walla.co.il/item/3532859
Title: PS PLUS: המשחקים החינמיים לחודש אוקטובר נחשפו

URL: https://gaming.walla.co.il/item/3532678
Title: חוזר, ובגדול: כנס E3 2023 יתקיים במתכונת פיזית

URL: https://gaming.walla.co.il/item/3532659
Title: צפו: טריילר ראשון ומלא לסדרה של The Last of Us

URL: https://horoscope.walla.co.il/item/3532450
Title: הורוסקופ שבועי: 2-8 באוקטובר 2022

URL: https://horoscope.walla.co.il/item/3532815
Title: אוקטובר 2022 יהיה חודש מוצלח ל-3 המזלות האלה

URL: https://horoscope.walla.co.il/item/3531624
Title: מתקשרת חושפת מה קורה לכלבים שלנו אחרי המוות

URL: https://home.walla.co.il/item/3532611
Title: החלום פשוט, אבל הבית מפואר: בית מפנק ויפהפה בשרון

URL: https://home.walla.co.il/item/3530756
Title: ארבעה מקומות בבית שאף אחד לא זוכר לנקות (כן, גם אתם)

URL: https://vod.walla.co.il/episode/3432391
Title: VODג'ודה

URL: https://vod.walla.co.il/
Title: VOD

URL: https://vod.walla.co.il/movie/2849527
Title: VODאני יודעת מי הרג אותי

URL: https://vod.walla.co.il/tvshow/3467045
Title: VODילדות סכסכניות

URL: https://vod.walla.co.il/movie/2878584
Title: VOD1001 גרם

URL: https://vod.walla.co.il/tvshow/3432405
Title: VODשבאבניקים

URL: https://judaism.walla.co.il/item/3533208
Title: מוגש מטעם שובה ישראל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.ערב יום הכיפורים: זה מה שחשוב שתכוונו במחשבתכםמוגש מטעם שובה ישראל

URL: https://judaism.walla.co.il/item/3533209
Title: מוגש מטעם שובה ישראל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מרתק: מדוע אנחנו לא מסוגלים לבקש סליחה ממי שפגענו?מוגש מטעם שובה ישראל

URL: https://judaism.walla.co.il/item/3533210
Title: מוגש מטעם שובה ישראל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.אחרי פטירת ההורים: האח הרווק בעימות חזיתי עם אחיומוגש מטעם שובה ישראל

URL: https://cars.walla.co.il/item/3533211
Title: תחבורה ציבורית בשבת: נדרש פתרון לא תעמולת בחירות

URL: https://cars.walla.co.il/item/3532799
Title: מחקר מצא: המכוניות עם העיניים מסרטי פיקסאר יצילו חיי אדם

URL: https://cars.walla.co.il/item/3533045
Title: אופל אסטרה החדשה: מבריקה, אבל יש בעיה

URL: https://cars.walla.co.il/item/3532947
Title: הקורולה עולה על עקבים והמחיר קופץ גם הוא

URL: https://havazingboimworld.walla.co.il/
Title: חווה זינגבויים

URL: https://havazingboimworld.walla.co.il/item/3531663
Title: בשיתוף חוה זינגבוים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.שיקום העור אחרי הקיץ: הדרך לעור פנים בריא וקורן כל השנהבשיתוף חוה זינגבוים

URL: https://havazingboimworld.walla.co.il/item/3531431
Title: בשיתוף חוה זינגבוים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.עור שמן, עור אקנתי או גם וגם? הטיפול המתאים ביותר לעור הפנים שלךבשיתוף חוה זינגבוים

URL: https://havazingboimworld.walla.co.il/item/3530293
Title: בשיתוף חוה זינגבוים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בלי מייקאפ או פילטר: כל הדרכים לטפל בפיגמנטציהבשיתוף חוה זינגבוים

URL: https://tld.walla.co.il/item/3477072?lm_supplier=16893&lm_bc=9857
Title: מוגש טעם מעבדות רבקה זיידה, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית."הקוסמת מבני ברק" שמעלימה צלקות אקנה (תוכן מקודם)מוגש טעם מעבדות רבקה זיידה

URL: https://tld.walla.co.il/item/3531976
Title: מוגש מטעם weshow, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.3 שותפים, 3 עסקים במזון ומסעדנות, 13 שנות הצלחהמוגש מטעם weshow

URL: https://tld.walla.co.il/item/3531972
Title: מוגש מטעם weshow, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בורדו מבשלים לכם לשבת ולחג והמארחת נשארת רעננהמוגש מטעם weshow

URL: https://tld.walla.co.il/item/3531749
Title: מוגש מטעם weshow, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.זה הסוד: הקריירה החדשה שכל אישה יכולה לפתח בכל גילמוגש מטעם weshow

URL: https://finance.walla.co.il/item/3528670
Title: ניהול ההוצאות בצורה נכונה: 3 טיפים שיעשו לכם סדרבשיתוף max

URL: https://tech.walla.co.il/item/3529093
Title: בשיתוף "הטכנולוגית", חטיבת הטכנולוגיה של בנק הפועלים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.ג'נט ג'קסון יכולה להרוס את המחשב שלכם. רגע, מה?בשיתוף "הטכנולוגית", חטיבת הטכנולוגיה של בנק הפועלים

URL: https://finance.walla.co.il/item/3528588
Title: בשיתוף בנק הפועלים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.לא רק המשכנתא: רוכשים דירה? יש עוד הרבה הוצאות שאתם צריכים להכירבשיתוף בנק הפועלים

URL: https://daciatrips.walla.co.il/item/3530495
Title: בשיתוף דאצ'יה, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בקלי קלות: לביבות תירס טעימות ופריכות שמכינים בשטחבשיתוף דאצ'יה

URL: https://mazaltov.walla.co.il/article/archive/8133/#utm_source=walla_news&utm_campaign=merkaz
Title: בשעה טובה: הרווק הנצחי עופר שכטר התחתן

URL: https://mazaltov.walla.co.il/article/catalog-2023/8132/?fbclid=IwAR2x5jOxJEXJfRXFn4w4jW_l9vT2jKLXt86sI-r3F9WaZVOGBTmAhL3QdZA#utm_source=walla_news&utm_campaign=merkaz
Title: צפו: מעיין דורי חוזרת לשמלת הכלה בתצוגה של אלון ליבנה

URL: https://mazaltov.walla.co.il/article/celebs-weddings/8134/?utm_source=walla_news&utm_campaign=merkaz
Title: לא פחות מאייקונית: מצעד שמלות הכלה של ליבר בלילתי

URL: https://fun.walla.co.il/game/3454992
Title: בלאק ג'ק בקזינו

URL: https://fun.walla.co.il/game/1578384
Title: מאג'ונג נגד השעון

URL: https://fun.walla.co.il/game/3406144
Title: סוליטר רומא העתיקה

URL: https://fun.walla.co.il/game/2940155
Title: טטריס Deluxe 1010

URL: https://fun.walla.co.il/game/3176826
Title: מהג'ונג פורטונה 2

URL: https://fun.walla.co.il/game/1578368
Title: באבלס

URL: https://travel.walla.co.il/item/3528687
Title: בשיתוף פגסוס, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בין תרבות לקולינריה: דובאי ואבו דאבי מזווית קצת אחרתבשיתוף פגסוס

URL: https://tech.walla.co.il/item/3529665
Title: בשיתוף "הטכנולוגית", חטיבת הטכנולוגיה של בנק הפועלים, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.התמונות הן רק יחסי ציבור: ההישג האמיתי של הטלסקופ ג'יימס וובבשיתוף "הטכנולוגית", חטיבת הטכנולוגיה של בנק הפועלים

URL: https://fashion.walla.co.il/item/3529449
Title: בשיתוף פדני, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בהשראת העונה החגיגית של השנה: הקמפיין החדש של פדני לחגיםבשיתוף פדני

URL: http://www.enaim.co.il/
Title: הסרת משקפיים

URL: http://dominos.walla.co.il/?utm_source=Walla&utm_medium=Cooperation&utm_campaign=ongoing&utm_content=more_online
Title: פיצה אונליין

URL: https://www.b144.co.il/%D7%A4%D7%A8%D7%97%D7%99%D7%9D/%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%99%D7%A4%D7%95/?&sitecode=10&subsitecode=1400&site=walla&d=1
Title: כל חנויות הפרחים

URL: https://www.b144.co.il/%D7%97%D7%A9%D7%9E%D7%9C%D7%90%D7%99%D7%9D/%D7%97%D7%A9%D7%9E%D7%9C%D7%90%D7%99%D7%9D-24-%D7%A9%D7%A2%D7%95%D7%AA/%D7%90%D7%96%D7%95%D7%A8-%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%95%D7%94%D7%9E%D7%A8%D7%9B%D7%96/?&sitecode=10&subsitecode=1402&site=walla&d=1
Title: חשמלאים

URL: https://www.b144.co.il/%D7%92%D7%A0%D7%99-%D7%99%D7%9C%D7%93%D7%99%D7%9D-%D7%95%D7%A4%D7%A2%D7%95%D7%98%D7%95%D7%A0%D7%99%D7%9D/%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%99%D7%A4%D7%95/?&sitecode=10&subsitecode=1401&site=walla&d=1
Title: גני ילדים

URL: https://www.b144.co.il/%D7%A0%D7%93%D7%9C%D7%9F/%D7%AA%D7%99%D7%95%D7%95%D7%9A/%D7%90%D7%96%D7%95%D7%A8-%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%95%D7%94%D7%9E%D7%A8%D7%9B%D7%96/?&sitecode=10&subsitecode=1403&site=walla&d=1
Title: תיווך

URL: https://www.wallashops.co.il/?utm_source=walla&utm_medium=wallahp2&utm_campaign=hpnemalawallashops_2
Title: וואלה שופס

URL: https://www.seolinks.co.il/
Title: קידום אתרים

URL: https://hayoetzet.co.il/
Title: מציאת רופא מומלץ

URL: https://www.wallashops.co.il/%D7%94%D7%9E%D7%95%D7%A6%D7%A8%D7%99%D7%9D-%D7%94%D7%A0%D7%9E%D7%9B%D7%A8%D7%99%D7%9D-%D7%91%D7%99%D7%95%D7%AA%D7%A8#intref=HP-DealCubes&meta=%D7%94%D7%A0%D7%9E%D7%9B%D7%A8%D7%99%D7%9D-%D7%91%D7%99%D7%95%D7%AA%D7%A8?utm_source=walla&utm_medium=wallahp2&utm_campaign=hpnemalasale_2
Title: מבצעים

URL: https://www.leumi.co.il/Campaign/loan_all_clients/47071/
Title: הלוואה לכל מטרה

URL: https://www.sugat.com/all-recipes/
Title: מתכונים מנצחים

URL: https://www.wallashops.co.il/%D7%93%D7%99%D7%9C-%D7%99%D7%95%D7%9E%D7%99?utm_source=walla&utm_mediumhp2=walla&utm_campaign=hpnemaladeal_2
Title: דיל יומי

URL: http://m.onelink.me/b3fbc033
Title: חדשות בזמן אמת

URL: https://www.wallaprint.co.il/?utm_source=WALLA&utm_medium=textSEO&utm_campaign=odBAinternet
Title: וואלה! פרינט

URL: http://pricelist.yad2.co.il/
Title: מחירון רכב

URL: http://www.yad2.co.il/Nadlan/sales.php
Title: דירות למכירה

URL: http://www.yad2.co.il/Nadlan/rent.php
Title: דירות להשכרה

URL: https://yoram.walla.co.il/mivdak?utm_source=wallacampaign
Title: המבדק של יורם

URL: http://www.oref.org.il/11093-he/Pakar.aspx
Title: פיקוד העורף

URL: https://news.walla.co.il/category/1
Title: חדשות בארץ

URL: https://bama.bio/b2b
Title: הבמה שלך באינטרנט

URL: https://www.maariv.co.il/jewishism/shabat-times
Title: כניסת שבת

URL: https://www.hamal.co.il/
Title: חמ"ל

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://walla.co.il/ HTTP 301
https://walla.co.il/ HTTP 301
https://www.walla.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=a948f123-72ce-4b6c-a280-09b54f9f697e&adnxsUserId=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3Da948f123-72ce-4b6c-a280-09b54f9f697e%26adnxsUserId%3D%24UID HTTP 302
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=a948f123-72ce-4b6c-a280-09b54f9f697e&adnxsUserId=7541192142968515385

Request Chain 108

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/3bafd9781f926aa7b41b62e571382ceb

Request Chain 115

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/zwbEK4O0DGnzVIIUkv3m?pi=smilewanted&tc=1

Request Chain 117

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8b0dd08cb2e7c58df73197de7d9c1554

Request Chain 119

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

Request Chain 121

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/improve/aba60665-25e0-4476-82a5-857d57af6300&partner_id=1010

Request Chain 138

https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yzl1jET6kH7tABQbQ-Cl4QAA%261178

Request Chain 142

https://ghent-aws-fr.bidswitch.net/imp/0.0866/BSWhttps_A_B_Btrack.adform.net_Brtb_Bwinnotice_Cbn_R56167187_Jwinparams_RatC4npiLmPtxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmjmzJ-K__u3LHcSmlXIxxc__dpCBKuUw0J-68SsLM8zYASHXpd1pXYL-dvbRfqtQqpqndjY050x8ETxUnrGW1eJ__QO8__7rsP1jj0_Jrtbdata_RJM0MzCoBr3psAvogrZU3fGsMJauYuieMeqlQ3xll4Le8ZXHPlvdrTrQSuH5__hfCmh16XdaV2C__nb20X6rUKqap3Y2NOdMfBE09ozZztfyqi3BUbtRNhHAAFeFsp3Z4bOR5uKsSGXkli9__k8A9TkUmSmgMgmJ06dLVpryJusTa0FodOxc2CfdQw2_Jrtbwp_R_I_WAUCTION__PRICE_X_Jadfrnd_R1466876707/8MQYqtB6E7_UaYBBWxPamzXr9mWVNoo3maX-rzqlR1obrW0XBgoIxyYGL6tgUTbaquR3uct6zso6537ZkqsWjwvsOxnMOtPWC7yTbvnn68u7QJIWfhPHcy0kRbaG-pIVKYMA7OJqcGaNCh1nhDbfQNM64HFLbMlhdn-21Sm79W-1DDJBJK5PeFA2tO6RHQIMhYq2RnoKzoJb9jEZEoJ-ROzTXjJ76a_WUP9FrlL_qfbupiTZyL40oHsYIoueJPZJEW5i68bftEhNRdqAa4UJ1XLej2-fHPIC0AztRP6GIMZIrnlWa8hAPe6dZASt_UiJq8pbChStF2DEXL4_8m0fHy2nTqI4o4DRjKit-2Se0Annv2_zihPk7cWVmh_0F8NZWDDoHiHIz9SnTKsHgpvEycO8vfzI6AyAj4wdsxSwrMPQ1M_ceqljf4PGsI5DJrunXwqyde9Hzh2fTw8RpBBpyLA-Z4CFNp854N2gJSGN1AwchblUr_PtrsPVEhNpvnapvKPgivQpoiZfycMwHGWIqy9yXFFLA2y90RjgqYh8g7PaCwPzvKMO5dIO762JDG5ZjjSil7yQOeaKjlonXwx93_g4KNQTkbDO5eHGbGVudu-Or4Nv-i76WrJXcW3s7PTGimp78URHdtJnNyQYhyU2I8YZdvtgzGL4TD0ykZppHQLuExvP7-Fvksh0Q-Reo45ek-HQAMrII99f7mdUHbHW9tqDKGwKbqlqeRShHxtJkE2lCYl5oLom2iddfA3qZmFprgLympyIsVgJI1Wz0tsYwtbJ4froQXK3na-B3heQYohTaW1P14kYOQalgQR6wlf--xtruq1cDlVVlepEo3g9vKA6o6I-FbG9TlYb3oZJmohdpisa3E6cECPaUjexBosPD45FynsML5z9ibT6Ex0N_fwloGZiBdYBUvwQlgMgsxfmV5vgfoRLgeUCPTw7qJ-D5XYx6G3M4ic0DYX5xbJUxTCmbOOqE3Eqm6pQLYznuRwQDeuR3FgMhwojxh9Mu7ssxwitdLZZq2jB3tIhSPF4S93pa5scB4EdfMh6DB8S4FF03SBhAWs2n9eY_xWN5ABP1KRA_Tz-VkZ7gWQh1gJPMDM5_sKwv1DXFsX9udKLbsp3ptNDOPwMSOsgSfBrvswS9UzaBFztrmy3P6HnLDv6xyuf2GnqV7_JAjVqdp3Gj0kSHiJj6WxTToT_D16oYKXNBM9SsuBZ3ImJaKzoOsyg87vb2qYIMkLe18Z1cldvFDu1hUptfHKE3bpk4MrAONUFnes1K4uKxq6b48g5a5DTrqcv6hONariCg9nPvwvoSPkrZskGcldOeRVqRcdhUWZCKciem365Vp6ioX6senYs4opZdK4HYaRsge_ovuBpQKqj2Be5puyvKNGvlknAJJ7KTzAxNt8WN8YdTtBtkNU5WcV6yuY-RydpAbCdQurTaiJRHpDpBHXEGrrEBK-cCYEcm2IMrlzHPXJ8oejb63wR7RLab3ZaaaRGd5wdhujlAuHqkm847186gJMPpEyJVm1-xd16efHQ1IlvfWV9g_CsRYq88qnoXv8X2WAN2WzhbEjZ0ANvryw10cJwsZFs5Std8oZLIIn14puBO7eaNvRng8bHfT9cf2oJ9uMLBASMir4ZZqdh09psfupCuOdBYGpTwNZIMsa6_4D-wYZJZnvdTJeH477sL_GjxjU/ HTTP 302
https://track.adform.net/rtb/winnotice?bn=56167187&winparams=atC4npiLmPtxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmjmzJ-K_u3LHcSmlXIxxc_dpCBKuUw0J-68SsLM8zYASHXpd1pXYL-dvbRfqtQqpqndjY050x8ETxUnrGW1eJ_QO8_7rsP1jj0&rtbdata=JM0MzCoBr3psAvogrZU3fGsMJauYuieMeqlQ3xll4Le8ZXHPlvdrTrQSuH5_hfCmh16XdaV2C_nb20X6rUKqap3Y2NOdMfBE09ozZztfyqi3BUbtRNhHAAFeFsp3Z4bOR5uKsSGXkli9_k8A9TkUmSmgMgmJ06dLVpryJusTa0FodOxc2CfdQw2&rtbwp=0.092662&adfrnd=1466876707

Request Chain 144

https://www.awin1.com/cshow.php?s=2470167&v=11354&q=377133&r=300627&pv=1&viewref=native HTTP 302
https://www.zenaps.com/cshow.php?pvr=263f6960-4245-11ed-85db-22335d251430&v=11354&r=300627&q=377133&s=2470167&viewref=native&pv=1 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_300627_1664710028_263f6960-4245-11ed-85db-22335d251430&insert=AW&&gdpr=&gdpr_consent=

Request Chain 200

https://c1.adform.net/serving/cookie/match?party=14&cid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6

Request Chain 202

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2626054664376082177

Request Chain 203

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b32a6339-758c-4d00-b7ec-6f8554e7664f&gdpr=0&gdpr_consent=

Request Chain 205

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=q6TpvpNmRq-HBFwntU2i5g%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 206

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1b746339-758c-4a00-b058-70bfc4850e28

Request Chain 207

https://pixel.onaudience.com/?partner=214&mapped=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=1bf55afce99a6bd5696fd7538a1b5926&gdpr=1 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c3511831b9ca450a/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=c3511831b9ca450a/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent=${gdpr_consent} HTTP 302
https://pixel.onaudience.com/?partner=190&icm&cver&gdpr=1&gdpr_consent=${gdpr_consent}&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3D${gdpr_consent}%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=3b2cb90&t=gif&uid=cc5f7980b35024e5

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUJBNEU5QkUtOTM2Ni00NkFGLTg3MDQtNUMyN0I1NERBMkU2&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDOXfoOxbHOrCxBvh4OLiKY&google_cver=1

Request Chain 211

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6653584868059426744

Request Chain 213

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7541192142968515385&gdpr=0&gdpr_consent=

Request Chain 214

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qC12AKkrfVqzKiMJqytoAf98cA-zfXBa_SnlCIkW

Request Chain 219

https://ghent-aws-fr.bidswitch.net/imp/0.0866/BSWhttps_A_B_Btrack.adform.net_Brtb_Bwinnotice_Cbn_R56167187_Jwinparams_RUMvTJGRFzntxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmjmzJ-K__u3LHcSmlXIxxc__dpCBKuUw0J-68SsLM8zYASHXpd1pXYL-dvbRfqtQqpqndjY050x8ETxUnrGW1eJ__QO8__7rsP1jj0_Jrtbdata_RZ0UGC82hh1gPN8lzvtOqIb3rj5Itvbvkq0EPG7dRqxOZsajPBu6KKFQjuN26lf39h16XdaV2C__nb20X6rUKqap3Y2NOdMfBE09ozZztfyqj95ZwZ2G--BQFeFsp3Z4bOR5uKsSGXkli9__k8A9TkUmSmgMgmJ06dLVpryJusTa0FodOxc2CfdQw2_Jrtbwp_R_I_WAUCTION__PRICE_X_Jadfrnd_R31441307/gdc59Sn49ctkiihMnpH4c8gq3nALx5_p5UZhcD0NtknkpSXPYo6EF5fgqzwGQWTxNeHg4hmcS4GKqE9yj1NUM-Ri5iJou8JTEj38A5vlk6mQlvxfDb43hESU-z-atkmVGfSDE9xPJGwBmX6j6jwghnZLpWks79DSLbsKAI0kqn7CDNtYY8-6Z8mZ386xWypgE_0qDvUcsAoIcxwW2_kbU_aQcEvp9M7TEnZjxgbrELEvxQzJi1Wtxw27J4FMDR0bd2ZJdrAy3cQMJePue2WBgVC_cvLOnMYCjPPcBE3KOU672XkXbnwyU_H8qPrkGz1A_ZmLmWKzkHZ7TqL1CfSRWileaUEHDrrSH6zdJUlfPH0WPvAmFQkdZYEYSI2tkxvLqwqofN1ikuJf2_rP37hhbUEbw8hEDxju0QBkilrEh4p7FO_GeS81PyONWEhYwXBywopNdHiQ--pPPIk2oCw2YtAoxTobrqdz4MEk7m7sO6rTJ_hY5Uqs-cASfOLkMU8U20njUnLGEs2lIGSUd5DXCjm31UWP9L4U-LpCcnY24Hu5YRLx2z2q6A3V96dOH8d1oUd2QyKGBMWMnV-vzsqZ722Xse40Ge6Ma22A1PcOUHbZ3UO33LxUbUc83DT9cIWbL68tkhGjN3YQZuPT78ZM8Oy2zEzVq12pW_HuuIljTm7HF9ZBNrqeQl7cCg-a8db52Na3FxpiYbC-ySEBYKqqYQRIMip3hJhImsZPC_wTNoruKZfvtVcKaOZdS0T8RaYRjXTKmN4oxSJHpdgpa6kixjnqucplUl2jhR14arBGeKjMSP53y7zGTSFMxGLBLevAy33oQZ-aJF1KAsQpkwXaZvDZu5Ie4p1U4BKsaPqAe2nPFXE7h6-YWaS-8gCzl9SqVgT3i05o0eW4dSLe7lqQHhcjxMiDTxH1bS-mG5CAneiFLZm5GYSL2pl_k3RLKlOzDpLR70YwwbuJwfd0_ln9WBItWwkuz0kHgJR3Fb8MiF5VveHtPtU0kXYj9v2wL3apyZGd_m6riX0avj_PX7eaUn8-EEIAGE8BS77IxCiS4skuaj1wBmz2qGr5vFuXZNY6ei2vttkOIR0lPpwnrvv7WK9ectG8ZR5pIGLPxkRoGAPc5YaW8wqR1M8ktmHskYy-2p22p6DOkLSdHQErSDGF0gRBYgmK0fA62ZprPtMlnB_hSdUCgzAXGJoTc6S64J5N1wejnShq4t8A7SUdGd59wqMNTBA2XKR0ic3RyEyJqhiap5J5UgVVXIR2PG4GWc6qqMaYxPtoyXuIdn-vp3EUoRBC5RJzxxZaACghTytALzWDwww5qj8s8XmyghWK5K3Fdi0lbcDPcZfG6iSqodrygUBIv2PBOUC5wL9fFLN4Sjf_5xR3fwOjzP4F7Qv51v0WBseSZhcCtvxli2b8nB6ZrDTid4HCWJ-A0TW1bT1i8VGLjT30AgJAhtFG73co7Cvxt-7ckRvvUCXeG8DnbbGT2FVXoHeoAUi3d-vXuH4AdVp1s0Oxe5m2g3zhvw4l113QmDeP19bkYhbt-uU7Sboc9lKelrL0deAyQkc0NjnYIE7KgFUKPj0n7uVuuwjHBJI-qY2UlwqCcgFtwlo8trzB7knRvocIsvyX7D1RvUmaoYwGKPu8xPWzCQohg87jXg4HsHExdprwxgVcxX1teRdbVDalshMKNdZpn5oCeVBGx89GZh0BnvSg5c9xnkCqcysBEU8Zb_0FQ4mJ2-Uo5O9D_8s4cgIWN33n/ HTTP 302
https://track.adform.net/rtb/winnotice?bn=56167187&winparams=UMvTJGRFzntxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmjmzJ-K_u3LHcSmlXIxxc_dpCBKuUw0J-68SsLM8zYASHXpd1pXYL-dvbRfqtQqpqndjY050x8ETxUnrGW1eJ_QO8_7rsP1jj0&rtbdata=Z0UGC82hh1gPN8lzvtOqIb3rj5Itvbvkq0EPG7dRqxOZsajPBu6KKFQjuN26lf39h16XdaV2C_nb20X6rUKqap3Y2NOdMfBE09ozZztfyqj95ZwZ2G--BQFeFsp3Z4bOR5uKsSGXkli9_k8A9TkUmSmgMgmJ06dLVpryJusTa0FodOxc2CfdQw2&rtbwp=0.092662&adfrnd=31441307

Request Chain 221

https://www.awin1.com/cshow.php?s=2470167&v=11354&q=377133&r=300627&pv=1&viewref=native HTTP 302
https://www.zenaps.com/cshow.php?pvr=266fef47-4245-11ed-a184-2263aefec425&v=11354&r=300627&q=377133&s=2470167&viewref=native&pv=1 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_300627_1664710028_266fef47-4245-11ed-a184-2263aefec425&insert=AW&&gdpr=&gdpr_consent=

Request Chain 249

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtSO64Yh9yARPwdbck-XGs&google_cver=1

Request Chain 250

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yzl1jET6kH7tABQbQ-Cl4QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtSO64Yh9yARPwdbck-XGs&google_cver=1

Request Chain 251

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIzcM-GDu1TW9df8ikQmfbQ&google_cver=1

Request Chain 252

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0MTE5MjE0Mjk2ODUxNTM4NQ%3D%3D

Request Chain 253

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECzdVNfMAs2eqyhysPB-sm0&google_cver=1&google_push=AZmPxg8fvE_NR4M5dmP4TCpEY1VjS49JzRfc9sOGaGYSuiSwOBA_GIGjEZiLo48aS1XIwf6pXI4m1aFCpwVeH8epvCIhQSYeT6HY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzc5OTU4OTczNzc1OTEzNTU2Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECzdVNfMAs2eqyhysPB-sm0&google_cver=1

Request Chain 255

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEIMii81dQrs1px35LCiAEE&google_cver=1&google_push=AZmPxg-jBdr7QK8UjDjTZSXRJegbB-es6-_pD-0m1WvL693Q7e0KQPuckoM1Sfu6poC5tUJxc5uIL1OTymICY8quLJeZpb5i_4cl HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6gWFlwfRS9S73ABajTqvFA2&google_push=AZmPxg-jBdr7QK8UjDjTZSXRJegbB-es6-_pD-0m1WvL693Q7e0KQPuckoM1Sfu6poC5tUJxc5uIL1OTymICY8quLJeZpb5i_4cl

Request Chain 256

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA02kehyb-Hx1y8sx6LUWxI&google_cver=1&google_push=AZmPxg_bzcprriZxljZRU0xddMo5wqkdVQLElDptrarT3OHYSyOdyX9VyuP1Xu4hIrp8eNejLvTxT0m3wi7TLt1PRIIana0b_-k HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7f7495f7-28fe-461f-8799-6a5d3797d4e7&ssp=google&gdpr=&gdpr_consent=

Request Chain 257

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO_NATA7KAid_Mzo-yvQfVA&google_cver=1&google_push=AZmPxg_lRW86xgABs6oULPG7t0fLpUudORlEnRN7bfsu1MPFTxmcb8YrwCqRzA5I2_CaRYZAcWD8ovB56c3YGOsvSozmRtpWmiFf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY1MzU4NDg2ODA1OTQyNjc0NA&google_push=AZmPxg_lRW86xgABs6oULPG7t0fLpUudORlEnRN7bfsu1MPFTxmcb8YrwCqRzA5I2_CaRYZAcWD8ovB56c3YGOsvSozmRtpWmiFf

Request Chain 259

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBpRar886cSRItwcriyf810&google_cver=1&google_push=AZmPxg_goKa0dOeZhszfxJ3QIIONsUUTkRTI_OejAfWZTQ-ayFVkzW3hAgjoKKn02oLH8U0tigWAS9vg1xj2cJcUQUuu8ssFDsPNcQ HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBpRar886cSRItwcriyf810&google_cver=1&google_push=AZmPxg_goKa0dOeZhszfxJ3QIIONsUUTkRTI_OejAfWZTQ-ayFVkzW3hAgjoKKn02oLH8U0tigWAS9vg1xj2cJcUQUuu8ssFDsPNcQ&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VT3FkbjdCRTJ1Ry4uWnEydk5nMU13VUtpbjRfRnhrY35B&google_push=AZmPxg_goKa0dOeZhszfxJ3QIIONsUUTkRTI_OejAfWZTQ-ayFVkzW3hAgjoKKn02oLH8U0tigWAS9vg1xj2cJcUQUuu8ssFDsPNcQ

Request Chain 287

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMRYilfUNuxI9AMASZojQkw&google_cver=1&google_push=AZmPxg-rAKl0eIM0tHm5ELLZj_yaNOuFYu5hty8zxlmR2zLSXh10lv-EPqQb3PUm_tLMBX6OMXGREpG_1gbXED-GMDv2WEAugboI HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-rAKl0eIM0tHm5ELLZj_yaNOuFYu5hty8zxlmR2zLSXh10lv-EPqQb3PUm_tLMBX6OMXGREpG_1gbXED-GMDv2WEAugboI&google_hm=GJ_ft5pcHWXrwBQowb-1kg

Request Chain 289

https://um.simpli.fi/gp_match?google_gid=CAESED0QkvWjSar4C4T-2IHn4JI&google_cver=1&google_push=AZmPxg9id4V_4OK5wqgR30RlXM_M2r6s2-9-KMGv1S-o7EaVgU45-PHRH6A-O-gKW0vf3ingLi2DZgpjMfEYUxcKcGFZQQga-ic HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BB5F013D0844418D8818FA1B516D05E0&google_push=AZmPxg9id4V_4OK5wqgR30RlXM_M2r6s2-9-KMGv1S-o7EaVgU45-PHRH6A-O-gKW0vf3ingLi2DZgpjMfEYUxcKcGFZQQga-ic

Request Chain 291

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENyPRTlrx5vMxG7mx_a3J4c&google_cver=1&google_push=AZmPxg9AOxf_undECKo4_F6IM0zu1HuR3CHGpNNz10v0GtMC6JkDnx7XhMdyyKNbWM5Db3zVNzSOMx-zuCfxVUhg3ofxsUgUSJBO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9AOxf_undECKo4_F6IM0zu1HuR3CHGpNNz10v0GtMC6JkDnx7XhMdyyKNbWM5Db3zVNzSOMx-zuCfxVUhg3ofxsUgUSJBO&google_hm=NDcwODQ5NjY2MDEzNTg4MDU4Ng%3D%3D

Request Chain 292

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHOowOi1ef0QI5teBzLTMCs&google_cver=1&google_push=AZmPxg980ES9llccx3OgcAGLKiBF-F-OYreuqfx6atmO98Bh_FtPWZwikeBbKEOlnbVthVOtiJdXK8mzNJuPws8X1l3szQVY3jWi HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHOowOi1ef0QI5teBzLTMCs&google_hm=Yzl1jET6kH7tABQbQ_Cl4QAABJoAAAIB&google_nid=index&google_push=AZmPxg980ES9llccx3OgcAGLKiBF-F-OYreuqfx6atmO98Bh_FtPWZwikeBbKEOlnbVthVOtiJdXK8mzNJuPws8X1l3szQVY3jWi

Request Chain 293

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPSvrVU07Y9spM1UQELzNmQ&google_cver=1&google_push=AZmPxg-RizerpOiQZXap9OI-23tCZdgq1m9Wz3fGqdoPNQJPZxcMdQcYsssb_tSpuJkwggg2NxDqayfr-ArR9X2p719SDllV3saL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-RizerpOiQZXap9OI-23tCZdgq1m9Wz3fGqdoPNQJPZxcMdQcYsssb_tSpuJkwggg2NxDqayfr-ArR9X2p719SDllV3saL

Request Chain 335

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDhvWJzdp8lrVf_4aL5Dczk&google_cver=1&google_push=AZmPxg-wXwcweEbboCHPvLHMh-pk09v5b-OVtkvlNgPasYT-IuugUBx6Xw8H8uDb9328nzJ4b6KLMOqON8VFTyOs3bd26K9bxGQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-wXwcweEbboCHPvLHMh-pk09v5b-OVtkvlNgPasYT-IuugUBx6Xw8H8uDb9328nzJ4b6KLMOqON8VFTyOs3bd26K9bxGQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDhvWJzdp8lrVf_4aL5Dczk&google_cver=1&google_push=AZmPxg-wXwcweEbboCHPvLHMh-pk09v5b-OVtkvlNgPasYT-IuugUBx6Xw8H8uDb9328nzJ4b6KLMOqON8VFTyOs3bd26K9bxGQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-wXwcweEbboCHPvLHMh-pk09v5b-OVtkvlNgPasYT-IuugUBx6Xw8H8uDb9328nzJ4b6KLMOqON8VFTyOs3bd26K9bxGQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 338

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOkyOg1ugcnBcSbEbpAlByU&google_cver=1&google_push=AZmPxg-E3LS5iPwoWuiaH0EA6DwY8jPOztGx-nHimZhJERbJMkHEgl9lvMcOSfW6Wnt3UaxOy0CQkwN9lA7Bqa8vuk0FhsqjndE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0OTg3NTEzMTg5MTcxMDEwNQ%3D%3D&google_push=AZmPxg-E3LS5iPwoWuiaH0EA6DwY8jPOztGx-nHimZhJERbJMkHEgl9lvMcOSfW6Wnt3UaxOy0CQkwN9lA7Bqa8vuk0FhsqjndE

Request Chain 339

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHjHc_tyCkI25ps5pgBgQFw&google_cver=1&google_push=AZmPxg9kpD-i_wh5cE8FRnknRcaa3bhicGqsOgO_OgRezdTUiq6AYf-oikkzmv3tkmKMdrxCmi31YtiwKF6L9Ffd9VyIWvclUX4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9kpD-i_wh5cE8FRnknRcaa3bhicGqsOgO_OgRezdTUiq6AYf-oikkzmv3tkmKMdrxCmi31YtiwKF6L9Ffd9VyIWvclUX4&google_hm=f3SV9yj-Rh-HmWpdN5fU5w==

Request Chain 340

https://d5p.de17a.com/cookies/google?google_gid=CAESEPp88BGKiDz4WHlDERtSwto&google_cver=1&google_push=AZmPxg_U6-oJmfk064B8L3loZdI1dvhRIKpWJFzB5Te7ybImhx-kqhQh_xTINKq2g_86Mac8IpzmkEUcrudw-Bw7ZkCcf-ChxyU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg_U6-oJmfk064B8L3loZdI1dvhRIKpWJFzB5Te7ybImhx-kqhQh_xTINKq2g_86Mac8IpzmkEUcrudw-Bw7ZkCcf-ChxyU

Request Chain 341

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECsHzovzHMVkBIrA9DFc-3g&google_cver=1&google_push=AZmPxg-6wRtCL1bW-FaaFZ3SSigPN1hCuat8QJhqZTJwAKUK1wGCPoCsR0xqS_s7MiJrVkh_tNOHA2EjBUJVJq-LVkSNtwJ92-pZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-6wRtCL1bW-FaaFZ3SSigPN1hCuat8QJhqZTJwAKUK1wGCPoCsR0xqS_s7MiJrVkh_tNOHA2EjBUJVJq-LVkSNtwJ92-pZ HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 343

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArz39ujfwYHWnaQj9kHVeA&google_cver=1

Request Chain 345

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESELVoEu8gO5lLLcDiYJpgnDk&google_cver=1

Request Chain 347

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArz39ujfwYHWnaQj9kHVeA&google_cver=1

Request Chain 349

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESELVoEu8gO5lLLcDiYJpgnDk&google_cver=1

Request Chain 351

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArz39ujfwYHWnaQj9kHVeA&google_cver=1

Request Chain 353

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESELVoEu8gO5lLLcDiYJpgnDk&google_cver=1

Request Chain 395

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDShI9sP_-TvDEfjsbdcQHM&google_cver=1&google_push=AZmPxg9sYllxUzFZyQn0JGP5CwTADZC8TgjwD3zP_rHY3qcRgXAN5Vmr6el6HhffKAN1VJO1f9aorSE3Nmgzz-AvE4_LF1pRuFA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDShI9sP_-TvDEfjsbdcQHM&google_cver=1&google_push=AZmPxg9sYllxUzFZyQn0JGP5CwTADZC8TgjwD3zP_rHY3qcRgXAN5Vmr6el6HhffKAN1VJO1f9aorSE3Nmgzz-AvE4_LF1pRuFA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Vk5FVEhqdVgxT0VYN0w1&google_gid=CAESEDShI9sP_-TvDEfjsbdcQHM&google_cver=1&google_push=AZmPxg9sYllxUzFZyQn0JGP5CwTADZC8TgjwD3zP_rHY3qcRgXAN5Vmr6el6HhffKAN1VJO1f9aorSE3Nmgzz-AvE4_LF1pRuFA

Request Chain 397

https://um.simpli.fi/gp_match?google_gid=CAESEE_hBEo42sTLjBoLPRRhPbk&google_cver=1&google_push=AZmPxg_5zG3fCcNTujofYnxGQIKhwX2yTlZaxIkaTDisaEhqWsmSH_Ht6zOYoh-rZncZGyhSq5AJW85Y7kmpFy_dG3AP14wm39Yy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BB5F013D0844418D8818FA1B516D05E0&google_push=AZmPxg_5zG3fCcNTujofYnxGQIKhwX2yTlZaxIkaTDisaEhqWsmSH_Ht6zOYoh-rZncZGyhSq5AJW85Y7kmpFy_dG3AP14wm39Yy

Request Chain 398

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEO7xAhQrOy5n6DZ2q_NlyjI&google_cver=1&google_push=AZmPxg-YFpjWHFmMjGfemHHT78AJtNLmRTzW4D6Ez5v3oeF7HF4LT11sC82o-8TblVsC1-TBM1TQPJ4C1xR6yC1wYkxCueUJquHE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-YFpjWHFmMjGfemHHT78AJtNLmRTzW4D6Ez5v3oeF7HF4LT11sC82o-8TblVsC1-TBM1TQPJ4C1xR6yC1wYkxCueUJquHE&google_hm=NDcwODQ5NjY2MDEzNTg4MDU4Ng%3D%3D

Request Chain 399

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJueY9Zc5V6WY948IpJNbe0&google_cver=1&google_push=AZmPxg8ufpYr_VHXoxhX9Mt6ci4CsOoyODgKji68Cs1F7OWKBKDr6oxX5Nrs_Ktr0Vl09Xr98RETD9I0z2Fw19CmqBz3nI826HNL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhSOURBSUQtMU4tR0RIUA==&google_push=AZmPxg8ufpYr_VHXoxhX9Mt6ci4CsOoyODgKji68Cs1F7OWKBKDr6oxX5Nrs_Ktr0Vl09Xr98RETD9I0z2Fw19CmqBz3nI826HNL

Request Chain 400

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOaeeXOZ0ztXaq36mI4ZIu4&google_cver=1&google_push=AZmPxg9eb_95eJPw6ubcNbZBUtBXLaSUTwqYUFH5eJZF7st5hpDVEzRiR43OU0pBGRI7b9tfIm4SSk-cDpEI3vWqn7D5C1wrzOg4 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg9eb_95eJPw6ubcNbZBUtBXLaSUTwqYUFH5eJZF7st5hpDVEzRiR43OU0pBGRI7b9tfIm4SSk-cDpEI3vWqn7D5C1wrzOg4&google_gid=CAESEOaeeXOZ0ztXaq36mI4ZIu4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxMDc2NzE4OTExNzE2Mzk2OTE4MQ%3D%3D&google_push=AZmPxg9eb_95eJPw6ubcNbZBUtBXLaSUTwqYUFH5eJZF7st5hpDVEzRiR43OU0pBGRI7b9tfIm4SSk-cDpEI3vWqn7D5C1wrzOg4

Request Chain 401

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOfOX_t_5DNjcZq7fX2xwZE&google_cver=1&google_push=AZmPxg-0AcpVrpqkm0EoVQYnNS5dz2GR3q-JcDRBACWMKdiyjQVHos7p3oeVhpVKu9JJekOUSE4kUeadflQfc--5_0bft-nh7NWzMg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VT3FkbjdCRTJ1Ry4uWnEydk5nMU13VUtpbjRfRnhrY35B&google_push=AZmPxg-0AcpVrpqkm0EoVQYnNS5dz2GR3q-JcDRBACWMKdiyjQVHos7p3oeVhpVKu9JJekOUSE4kUeadflQfc--5_0bft-nh7NWzMg

Request Chain 436

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESED36ZQCqzTaYhjGNdFhN9Uk&google_cver=1&google_push=AZmPxg_bBY6DsLJ1axBvTDihIdNpTyL7fxKXmHe8NYL4B2KjEq4gShmoFbVPawiIllVpaTR-_WMbAO33j1dQDRwspks0nhOylkM HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESED36ZQCqzTaYhjGNdFhN9Uk&google_cver=1&google_push=AZmPxg_bBY6DsLJ1axBvTDihIdNpTyL7fxKXmHe8NYL4B2KjEq4gShmoFbVPawiIllVpaTR-_WMbAO33j1dQDRwspks0nhOylkM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=sHyRxM7ERvG_MAUFslyYa2M5dY4

Request Chain 437

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPRmNCOqv1CX_Y9rOM_952E&google_cver=1&google_push=AZmPxg_5Tbz0wjhTKqwCIn2CrlEuyjo_oSoTP9Y48sGjAe4UuL4x5BSKZjc640ev4iPUrU1uUKz45Y1z-0bqxzYzuPze724Uir0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY1MzU4NDg2ODA1OTQyNjc0NA&google_push=AZmPxg_5Tbz0wjhTKqwCIn2CrlEuyjo_oSoTP9Y48sGjAe4UuL4x5BSKZjc640ev4iPUrU1uUKz45Y1z-0bqxzYzuPze724Uir0

Request Chain 438

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJueY9Zc5V6WY948IpJNbe0&google_cver=1&google_push=AZmPxg-FHBUoIBOw6uuBHCH7pVz93j03o2l9OtkNCiWKz6dyLS33dXdajZtmbjupiZISAwXP8bhMgpxeUQt4_0v-0gb3GgrvHA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhSOURBSUQtMU4tR0RIUA==&google_push=AZmPxg-FHBUoIBOw6uuBHCH7pVz93j03o2l9OtkNCiWKz6dyLS33dXdajZtmbjupiZISAwXP8bhMgpxeUQt4_0v-0gb3GgrvHA

Request Chain 439

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAM40CENnLs6stONiLQX08s&google_cver=1&google_push=AZmPxg_y3zMmUX-T6bOqC6WpyplZiBdK2vlEJCMYwnfGJdHE0pECgaUTffOvIpSIZKS78XszQ-dyJWPQZ8qxRxHpCCDlyDNLf50 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAM40CENnLs6stONiLQX08s&google_cver=1&google_push=AZmPxg_y3zMmUX-T6bOqC6WpyplZiBdK2vlEJCMYwnfGJdHE0pECgaUTffOvIpSIZKS78XszQ-dyJWPQZ8qxRxHpCCDlyDNLf50&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_y3zMmUX-T6bOqC6WpyplZiBdK2vlEJCMYwnfGJdHE0pECgaUTffOvIpSIZKS78XszQ-dyJWPQZ8qxRxHpCCDlyDNLf50&google_hm=FadPqGZHVUw_sU9SQnKg-CMc

Request Chain 440

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELNZA1zVhbfeLxN4szuBVmQ&google_cver=1&google_push=AZmPxg8xgWhqOJsCrY6p9Rmwajedqe7R4JelR01G4QMHiHpAV-R26NUrEZK3UTbdyuEVfnIAKy1b-t-tSt7QHVSsJQl-BOX1cqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg8xgWhqOJsCrY6p9Rmwajedqe7R4JelR01G4QMHiHpAV-R26NUrEZK3UTbdyuEVfnIAKy1b-t-tSt7QHVSsJQl-BOX1cqY

Request Chain 441

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECsHzovzHMVkBIrA9DFc-3g&google_cver=1&google_push=AZmPxg9vicvisAo-BmroQusB5ACWcoEFkERX3PqAEQRe2UuHBTAPVMGFhMw0u5t0FPIfIASZjkoQz-D3_8mq_D6MHz79xoXQ1DE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg9vicvisAo-BmroQusB5ACWcoEFkERX3PqAEQRe2UuHBTAPVMGFhMw0u5t0FPIfIASZjkoQz-D3_8mq_D6MHz79xoXQ1DE HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 444

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHY-5sPFyG5NrzlCehOqrtA&google_cver=1&google_push=AZmPxg-hu1Ilch6z3hrXQhfYfnw7NLlO_dUId4XrFcfi4CwS4WXbW4LZ2luniVg1uynRFjV0lghg5z8hKuCzUGZXX6SRiiaCNXjI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=G3RjOXWMSgCwWHC_xIUOKA&google_push=AZmPxg-hu1Ilch6z3hrXQhfYfnw7NLlO_dUId4XrFcfi4CwS4WXbW4LZ2luniVg1uynRFjV0lghg5z8hKuCzUGZXX6SRiiaCNXjI

Request Chain 446

https://um.simpli.fi/gp_match?google_gid=CAESEE_hBEo42sTLjBoLPRRhPbk&google_cver=1&google_push=AZmPxg_2nJXIdcAcniMSjBCGPPhN8vd-sbfSkOGnUQuZi5PiF0GRnfIGhllqpH7XwIigOJduejI6NbX6azQYSm2afG7b-HXprP9- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BB5F013D0844418D8818FA1B516D05E0&google_push=AZmPxg_2nJXIdcAcniMSjBCGPPhN8vd-sbfSkOGnUQuZi5PiF0GRnfIGhllqpH7XwIigOJduejI6NbX6azQYSm2afG7b-HXprP9-

Request Chain 447

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELPFk67qUUKBVl8zdmEO3tQ&google_cver=1&google_push=AZmPxg87VZH2uOlY5Sp7RggzM6pcDIJtMgR2YF0i1Bdos-UxH9UeSSlV_CW7XtIyWn0gg96KhM1DFNZFIMb28Fvc9U9zgqQvLbET HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg87VZH2uOlY5Sp7RggzM6pcDIJtMgR2YF0i1Bdos-UxH9UeSSlV_CW7XtIyWn0gg96KhM1DFNZFIMb28Fvc9U9zgqQvLbET&google_hm=fsvM-UYQQlesQQx8IrNqU4Q

Request Chain 448

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECsHzovzHMVkBIrA9DFc-3g&google_cver=1&google_push=AZmPxg-_xvE2ynwsBcxIL4eCTtixjhY25DbJl1rZXbkCJuLp7RCmKPRdsm9UBRQzzMSe1QwUzMAgXum9AZsSjmKwgfa9Bg9yEK4E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-_xvE2ynwsBcxIL4eCTtixjhY25DbJl1rZXbkCJuLp7RCmKPRdsm9UBRQzzMSe1QwUzMAgXum9AZsSjmKwgfa9Bg9yEK4E

Request Chain 449

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOaeeXOZ0ztXaq36mI4ZIu4&google_cver=1&google_push=AZmPxg9YoMeO0K6SiDcRHZZq2TnkWV0HS65MfR4zswovHS0wye2hom53bkxgikl0N9u5GT29I8kA9uc5PbJlIQuxgVQNxW1ygZc2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxMDc2NzE4OTExNzE2Mzk2OTE4MQ%3D%3D&google_push=AZmPxg9YoMeO0K6SiDcRHZZq2TnkWV0HS65MfR4zswovHS0wye2hom53bkxgikl0N9u5GT29I8kA9uc5PbJlIQuxgVQNxW1ygZc2

Request Chain 450

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOfOX_t_5DNjcZq7fX2xwZE&google_cver=1&google_push=AZmPxg9F8lzUUTkDGAonH18Vmzgyd6HSapN5PkiY5nSv7tp-SjyFmbpi9cM0qauQi7ypv-u50_aIxgNuy7It-OZTjtY_S5OHsDZ_cA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VT3FkbjdCRTJ1Ry4uWnEydk5nMU13VUtpbjRfRnhrY35B&google_push=AZmPxg9F8lzUUTkDGAonH18Vmzgyd6HSapN5PkiY5nSv7tp-SjyFmbpi9cM0qauQi7ypv-u50_aIxgNuy7It-OZTjtY_S5OHsDZ_cA

Request Chain 494

https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=imRsPnxJQU80VHVzMXNkbmtOZmlZL2NUUUJjaUxwcXA5ZFo1b3M1cG5oY2tBM2o2VUd2dE1lRHFrVk1XNU1uQ3FINWVYcjlOc0tVMVVTVU1nOUkvOFNrSUZiSFN6bGFVbW1PQmlXRXQ4bU0raWdrdWJKUkxOcmxwUERIOTU3TUoxbHYrcUdMbnpSVE9wMjdnVjJ1SllOV1V1R0YwOGdlV3FBc3pITWhrN2gxR3d2cWFDY3NJN1VCS25sc0d5MnBXT2tOUzNPc2RLeXpLcHhqWURPV1Vhb0UvdVNLc0pZbkNZUGtnV3B3TnJEK3hJdlVWaFo4NHBLeHBJRys3Q2lXUXF6MlVjejhNQUM5di9RSlJUbUFvZEl0VFZORURZQlliSnpRMS9xdnplVTZJaHk4OD18&cppv=2

Request Chain 496

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=JkYysHwwVjR1Q2o3eS9jZnV6Ykh3U05uY2lEQk41NVpwZnFqVHNXczlFZ2VkMWhFMndsZXlxak5xL2ZtN213dHdZcGVSUzBPb2YwQ3d2R0tLL3F3V0dvTHV5c3N5cWJMSm1wWFpDRDUvUm4zYVNmNUZRdWR6WFlQOE4yN3JsS3RjNkliTmxZczU1VHBOODlyZmxXV00zNm0xRFRpcVpGbFJsYmRhK2hUa1ExWmVwL0VNWDJuNklrNS9oYlUxaE5CK3A2ZVJ4Sm1aZUFCdnVCSE5Uck83YTg4MjRRc1FMZ3JKMWM0L2JCM0NsZUs1Y1VqQmtxNlM1emFKSll0L00ybm9jUGdPU0RKWTV6UVByc000M2NlZFFPRmRLQy93UnZzakM0MnRRd01SOGI2N0RBTT18&cppv=2

Request Chain 516

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7149875131891710105

Request Chain 518

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJc0JrN0djdXNBQUI5cE9YNnNsZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAK1IE7GcusAAB4UALaRQQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID

Request Chain 519

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&addseg=19,36,42

Request Chain 520

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 522

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6 HTTP 302
https://a.audrte.com/p

Request Chain 523

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=7f7495f7-28fe-461f-8799-6a5d3797d4e7&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=893557d6-b9d6-4d6f-a623-814a7dbefb72&expires=1&user_group=5&ssp=pubmatic&bsw_param=7f7495f7-28fe-461f-8799-6a5d3797d4e7 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7f7495f7-28fe-461f-8799-6a5d3797d4e7&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 526

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-aExPBbRE2uXMzkKsfXtaHetFxBdTgKY-~A&gdpr=0&gdpr_consent=

Request Chain 527

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b07c91c4-cec4-46f1-bf30-0505b25c986b-6339758e-5858&gdpr=0&gdpr_consent=

Request Chain 528

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3799589737759135567&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 529

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ed7c7830-a26f-4511-87fb-fa86ada9ead6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 530

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzl1jET6kH7tABQbQ_Cl4QAABJoAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzl1jET6kH7tABQbQ_Cl4QAABJoAAAIB&dcc=t

Request Chain 532

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yzl1jET6kH7tABQbQ_Cl4QAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHOowOi1ef0QI5teBzLTMCs&google_cver=1

Request Chain 533

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7541192142968515385

Request Chain 534

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6653584868059426744&expiration=1665919632

Request Chain 535

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3799589737759135567

Request Chain 536

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAK1IE7GcusAAB4UALaRQQ&expiration=1665919632

Request Chain 542

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2NjNWI2MTExODNiZDQ1YmY5OTk1ZWE2MWU3MDE5Zjg1ZGRiMTNlZg

Request Chain 543

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhSOURBSUQtMU4tR0RIUA==

Request Chain 544

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/kUgNp0GwC0r6XojBzvQHk8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4708496660135880586

Request Chain 545

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8R9DAID-1N-GDHP

Request Chain 546

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5xhqUaOyRPGUwrES2Fn5hQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5xhqUaOyRPGUwrES2Fn5hQ

Request Chain 547

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECHpEt1BRtNU9_lH5079Xhg&google_cver=1

Request Chain 548

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=35Ny0QHjSKWtUEnTA7fw3g&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=35Ny0QHjSKWtUEnTA7fw3g

Request Chain 549

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8b0dd08cb2e7c58df73197de7d9c1554

Request Chain 551

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

Request Chain 554

https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=2934a1f7-4245-11ed-87cf-13ae17dc0306 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/spotx/2934a194-4245-11ed-87cf-13ae17dc0306

Request Chain 555

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

Request Chain 557

https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-zzV9z2NE2uHwOQX1fZSHsTqib_8Z6YtDNlmu9Pc-~A&gdpr=0&gdpr_consent=

Request Chain 558

https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/openx/078dafc4-ba39-4269-b7ea-71a73eb849ef

569 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.walla.co.il/
Redirect Chain

http://walla.co.il/
https://walla.co.il/
https://www.walla.co.il/

685 KB
311 KB

793ms
381ms

Document
text/html

52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: f0264c1beeddb80a82180947cf5cf0874c4d0d9d1491957b45ccb0be15872368

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27
cache-control: public, max-age=30
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 11:26:38 GMT
etag: W/"ab2d1-KGc2s305BGaC891aoqLJTteWLyI"
server: openresty/1.15.8.1
vary: Accept-Encoding
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
x-amz-cf-id: Q-Z2dJA-nhYGhbUHXTRqdu7YSL6OwkGloaxItrkvSjJzSG61Gry_aw==
x-amz-cf-pop: CPT52-C1
x-cache: Hit from cloudfront
x-cached: MISS

Redirect headers

age: 13141
content-length: 0
date: Sun, 02 Oct 2022 07:48:04 GMT
location: https://www.walla.co.il/
server: AmazonS3
via: 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
x-amz-cf-id: w-zZPa1eGEws1f9nijkmQTy33FOiTbvSCsNqBFsj3Ed0CNekq0tN3w==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
28 KB 137ms
57ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c3d5671eb464c4040b864da705012965774556b2515837a216e8f205e257f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27690
x-xss-protection: 0
server: sffe
etag: "1351 / 775 of 1000 / last-modified: 1664575501"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 02 Oct 2022 11:27:05 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 51ms
8ms Script
application/x-javascript 2600:9000:223c:1000:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 09:56:34 GMT
content-encoding: gzip
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 5430
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: KwRjWFG-bMJ0g-imNjV6nfmNPhd9oMnR2WORjal3YiHAc3rg5we1dg==
expires: Sun, 02 Oct 2022 11:56:34 GMT

GET
H2 200 new-logo-mobile.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
974 B 494ms
494ms Image
image/svg+xml 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/new-logo-mobile.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:04 GMT
content-encoding: gzip
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10381
etag: W/"473-18397c0de58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: rNALgtlwJzB4DzPxuqLxKFczrpLBFcCanEIOFpoimeGw3xYVPpgEmg==
x-cached: HIT

GET
H2 200 icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 2 KB
1 KB 390ms
390ms Image
image/svg+xml 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:04 GMT
content-encoding: gzip
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10381
etag: W/"7ee-18397c0de58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: 5ENbFbMN34UQCqOVpk3wDTq-5rk6jfZa5aufcDMLpGCGZ1wQsIhxMw==
x-cached: HIT

GET
H2 200 icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 464 B
830 B 198ms
194ms Image
image/svg+xml 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:04 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10381
etag: W/"1d0-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 464
x-cached: HIT
x-amz-cf-id: sW_FaKB_ZzC5B5jbE86aaFVgBvhSb2up06iFWgOJkToCAM6S12Py6g==

GET
H2 200 new-logo.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
999 B 201ms
196ms Image
image/svg+xml 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:33:24 GMT
content-encoding: gzip
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10421
etag: W/"492-18397c0de58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: tb7GXwBNDBmWzRNX5CLWG4RVui-eEqigXW1PA1BXnaA4uIV3-clE_w==
x-cached: HIT

GET
H2 200 allay-icon.svg
www.walla.co.il/public/assets/icons/ 3 KB
2 KB 204ms
200ms Image
image/svg+xml 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:04 GMT
content-encoding: gzip
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10381
etag: W/"c00-18397c0de58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: 6go5lstVbxa00qx3hOE5JvPBqqQ7dVMZWUR5MJX8iDXLjcsHucxDZQ==
x-cached: MISS

GET
H2 200 yad2.png
www.walla.co.il/public/assets/icons/ 1 KB
1 KB 201ms
197ms Image
image/png 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/yad2.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:04 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10381
etag: W/"488-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1160
x-cached: HIT
x-amz-cf-id: EwaFaiDC_mS6gycZCuegz8lpsGcLi7itCGPLouHNr-1SDJGVr0H_Sw==

GET
H2 200 3400070-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/4/0/0/ 11 KB
11 KB 41ms
10ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/4/0/0/3400070-46.jpeg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 23d70cd1ccab603b01db08ca5f6d1d871322cf2020f50346a8804ec2d9ef09f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:43:44 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 2601
edge-cache-tag: 364361711753622708795911296849741449125,118291521066828225852529435541574966377,d2bce9e04f88d43dd8350e859c701704
cache-tag: 364361711753622708795911296849741449125,118291521066828225852529435541574966377,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 10774
x-request-id: 021c9a80c5a5df469181594e26857b10
x-served-by: cache-iad-kiad7000033-IAD
last-modified: Sun, 02 Oct 2022 10:43:45 GMT
server: cloudinary
x-timer: S1664707422.959049,VS0,VE2120
etag: "7a57be0563f9c2b454019c9615a8939a"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: uvvcvjSN2Dhe5BJh5-xaUp0FSJr_pBUz1rG6m-mx6U_MtRfEZT_-mA==
x-cache-hits: 0

GET
H2 200 invalid-name2.svg
www.walla.co.il/public/assets/shivuki/ 2 KB
1 KB 206ms
202ms Image
image/svg+xml 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:04 GMT
content-encoding: gzip
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10381
etag: W/"834-18397c0de58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: _8EyXsC92qiTDUliKUmjxIvYdTQbQacXiYDSeJcKtSYpVePVQFEY1A==
x-cached: HIT

GET
H2 200 103fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 895 B
1 KB 201ms
198ms Image
image/png 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/103fm.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e28df0d1ecf0a67bfe7db32c3aafada6f839721734581e6a36cd5a5fcdf55fdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:26 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10359
etag: W/"37f-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 895
x-cached: HIT
x-amz-cf-id: jwWJvwgUgSqCSbhLVDO1SLxGh7xKFxcqcxgTMzJU4oLoAK5SzxQlPw==

GET
H2 200 99fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 933 B
1 KB 202ms
199ms Image
image/png 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/99fm.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3008b4354e1b60f29f320cfa65b9725167ad632656392673a4785d836bf3f14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:04 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10381
etag: W/"3a5-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 933
x-cached: HIT
x-amz-cf-id: eloM8FEVOuPfrDTC7J-fYEpCSTHkSKzrwCzhaLwtRJ1hEakQ4lANjw==

GET
H2 200 3440480-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/4/4/0/ 93 KB
94 KB 42ms
11ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/4/4/0/3440480-46.jpeg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: ac6ab2ce65b14559e324acee45e5732079c91102c8f19dcae6a8b7aeaf2490ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:38:40 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 13705
edge-cache-tag: 232757342419372516763630598189928302127,250042840635848636171648228462440373188,d2bce9e04f88d43dd8350e859c701704
cache-tag: 232757342419372516763630598189928302127,250042840635848636171648228462440373188,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 95358
x-request-id: d082d3f15b7252b6775ab475b3660ad8
x-served-by: cache-iad-kjyo7100175-IAD
last-modified: Sun, 02 Oct 2022 07:38:30 GMT
server: cloudinary
x-timer: S1664696321.556820,VS0,VE1
etag: "29e614cf22c3f095287956ce7bceb165"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: JXmVBPjEIynjz5A2N62qxhgFsgdicE6Tr2zpaB0JsYPo80lArTc44Q==
x-cache-hits: 1

GET
H2 200 3359196-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/3/5/9/ 2 KB
3 KB 67ms
36ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/3/5/9/3359196-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: e058125fea13e01d2d935dd699e91dda08a15db9c1cdbd839f65b9da839166b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 04:21:44 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 284721
edge-cache-tag: 152352453697148817813912982657591676432,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 152352453697148817813912982657591676432,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 2143
x-request-id: e6a5963719fd4da09ed191d2bbd43f4b
x-served-by: cache-lga21974-LGA
last-modified: Thu, 29 Sep 2022 04:21:45 GMT
server: cloudinary
x-timer: S1664425304.002506,VS0,VE555
etag: "5c010e0b0130e7be5a26ceb7b9149a4f"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: K0mV3YWWY0NW2c3CxQgYTluiFjWQ9HZYr52Twngxa7J641Tw29HGrA==
x-cache-hits: 0

GET
H2 200 3341171-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/3/4/1/ 4 KB
5 KB 72ms
42ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/3/4/1/3341171-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: d77d27666cbecfe4cd9149a720ac6abe85c7cae793ae3c90fbfbb608df84d54d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 06:48:20 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 1053525
edge-cache-tag: 427256996032750856864594949422871261604,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 427256996032750856864594949422871261604,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 4386
x-request-id: 783865d3ebad0f02bff634e75595f089
x-served-by: cache-iad-kiad7000114-IAD
last-modified: Tue, 20 Sep 2022 06:48:21 GMT
server: cloudinary
x-timer: S1663656500.088393,VS0,VE734
etag: "e058d4498910311c89f1e7317465267b"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: pobTTdar4zt4-f7__86CFhuL8bZiJvl9i3__huoH7Aj1XZTI4Ukh0w==
x-cache-hits: 0

GET
H2 200 3425986-46.jpg
images.wcdn.co.il//3/4/2/5/ 35 KB
36 KB 69ms
39ms Image
image/jpeg 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il//3/4/2/5/3425986-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: e90afefe008174901648b6984e3849d61ab51fcd2f9c260cb182f1b9eded2b4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 13:08:35 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 3017910
edge-cache-tag: 354062088052095449999837282067072178970,d2bce9e04f88d43dd8350e859c701704
cache-tag: 354062088052095449999837282067072178970,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 35924
x-served-by: cache-lga21964-LGA
last-modified: Thu, 25 Aug 2022 07:06:31 GMT
server: cloudinary
x-timer: S1661692115.029574,VS0,VE1
etag: "e8ad9a497fd64fdf8908a78fca482108"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: x_uAzqnvdZ9kQKt5vy8sBcLBrV4P7mbB19lWF-LQxjnD8jeXzA791A==
x-cache-hits: 1

GET
H2 200 liga-banner-desktop.png
www.walla.co.il/public/assets/sport/ 294 KB
295 KB 219ms
216ms Image
image/png 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/sport/liga-banner-desktop.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 8674c690e379aa2d7f8f84624402dc41902336d4c7044a931e34e247839463a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:33:51 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10394
etag: W/"499a6-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 301478
x-cached: HIT
x-amz-cf-id: WDJSKb3FlRR4ImsWL1bNTkxUa88KoFS8dSOKecis_-qDHqh_ewAfqw==

GET
H2 200 mishpati.png
www.walla.co.il/public/assets/icons/homepage/ 4 KB
4 KB 249ms
246ms Image
image/png 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage/mishpati.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 03baca21d7a98bc118436bcb698ecaafefff81373d472afdf259fdfe3f5c1a03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:04 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10381
etag: W/"f8c-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 3980
x-cached: HIT
x-amz-cf-id: l_evqyQ2eXSIKzKL1SOLwrn7yLLNvgVONrwcM_ESv4C58wGUWyJLig==

GET
H2 200 3329203-46.png
img.wcdn.co.il/f_auto,w_66/3/3/2/9/ 732 B
1 KB 598ms
192ms Image
image/png 52.85.24.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,w_66/3/3/2/9/3329203-46.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-59.cpt52.r.cloudfront.net
Software: cloudinary /
Resource Hash: de6bf035e9195f0b9f69ddc8a8a0431deaa22504c56412d03dd103beb35ab2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 17:18:45 GMT
via: 1.1 varnish, 1.1 8ffdf81445705ce3cff3276f061fa880.cloudfront.net (CloudFront)
x-amz-cf-pop: CPT52-C1
age: 22442901
edge-cache-tag: 315444705734958248972687902270172938779,275138840448101508428674266858349850681,d2bce9e04f88d43dd8350e859c701704
cache-tag: 315444705734958248972687902270172938779,275138840448101508428674266858349850681,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 732
x-served-by: cache-wdc5543-WDC
last-modified: Mon, 03 Jan 2022 09:47:54 GMT
server: cloudinary
x-timer: S1642267126.706756,VS0,VE1
etag: "79624ac971cffa490d9827a952393183"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: MDiT0dd4rLs6bvm1qeou7TD9fYB2xYWllhmx8hrL4HY5pTX4nyD0UQ==
x-cache-hits: 1

GET
H2 200 career.jpg
www.walla.co.il/public/assets/icons/homepage/ 3 KB
3 KB 390ms
388ms Image
image/jpeg 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage/career.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: edd4d9c515c398baf420a025641816721bdc7f67945144fe15a1058f6c75e667

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:04 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10381
etag: W/"be7-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 3047
x-cached: HIT
x-amz-cf-id: IGL8aeY1Ud2_sYSLNfwT2l7PqJ_-6ahMXIGeXx_Om01q-j7jI2rlww==

GET
H2 200 mazaltov-logo-new.png
www.walla.co.il/public/assets/icons/homepage/ 2 KB
3 KB 392ms
389ms Image
image/png 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage/mazaltov-logo-new.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 9c2fff24329f1fe904135f52256900469efd1e77ae3da4b0f528094cd2123e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:04 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10381
etag: W/"9ce-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 2510
x-cached: HIT
x-amz-cf-id: KK2Kctr9ZXuL4SDLoAHg63z_xNQX3ijOLBght9EutnGRvvkxJ3JFSg==

GET
H2 200 new-logo-walla-negativ.png
www.walla.co.il/public/assets/icons/ 636 B
998 B 395ms
393ms Image
image/png 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/new-logo-walla-negativ.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:04 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10381
etag: W/"27c-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 636
x-cached: HIT
x-amz-cf-id: cEnoT3xiAUvKq4gnyUWfLTLlULb7f7TuNCmRN4Q_I2rS9F-w-cuTCg==

GET
H2 200 pubads_impl_2022092701.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
129 KB 101ms
23ms Script
text/javascript 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 30 Sep 2022 01:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131011
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 08:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Sep 2023 01:26:22 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 926 B
936 B 122ms
45ms XHR
application/json 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.walla.co.il

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c71e3a6115b72afd9b3e67dfaf7a93fc16df44c968b5752c91871dee966cd92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 300
x-xss-protection: 0
expires: Sun, 02 Oct 2022 11:27:05 GMT

GET
H2 200 walla-v2-prod.js Show response
cdn.valuad.cloud/hb/ 895 KB
242 KB 244ms
154ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

515e3e6e09f6b0ad8436d1dda33a7a689e7ef111ad485ce26bb36f209f540da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:05 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Thu, 22 Sep 2022 14:19:12 GMT
x-amz-request-id: tx00000000000001f73c351-0063394123-2b9df863-fra1a
etag: "c632ebf889ba989871a1f5d72dd028e5"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1664710025.dop139.fr8.t,1664710025.cds055.fr8.hn,1664710025.cds257.fr8.c
content-type: application/javascript
x-rgw-object-type: Normal
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 247104

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 41ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 11:27:05 GMT
Content-Encoding: gzip
Age: 145
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 29223
x-amzn-internal-status: 304
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
Server: ECS (frb/674C)
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 385 KB
77 KB 52ms
27ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad8a9ca756d376062b9b0a06d12cd72f07d011805f194f61eccc0e12cfd65023

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78275
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Oct 2022 11:27:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 436 KB
63 KB 42ms
17ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9000202147e54fa28dc6fc15536bb302d30d39a975b720688dade9da8185f49c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63735
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Oct 2022 11:27:05 GMT

GET
H2 200 wallawb.js Show response
cf.dxmcdn.com/dta/ 4 KB
2 KB 79ms
8ms Script
application/javascript 2600:9000:2240:5000:11:da61:a100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.dxmcdn.com/dta/wallawb.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:5000:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: qZmD6iSiSNKopHEgv3XRn4Et4epkBb1Z
content-encoding: gzip
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
date: Sun, 02 Oct 2022 05:13:23 GMT
last-modified: Sun, 29 May 2022 13:46:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 22454
etag: W/"c6a8b1a7ee5ce83efe089c14c99eefad"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: NYXpQ-CaKvE0p4qhQGLFyhA690jZfqArKS1XBzCFLuDr_X9TLRrLMw==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 9ms
8ms Script
application/x-javascript 2600:9000:223c:1000:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:39:39 GMT
content-encoding: gzip
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 2846
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: B-9DNoFYBBBYEVV4FW0CO2nVKcqLsJ_-XNRUtpsG1ToD7DPBSdiArg==
expires: Sun, 02 Oct 2022 12:39:39 GMT

GET
H2 200 google.gif
www.walla.co.il/public/assets/icons/ 1 KB
2 KB 389ms
388ms Image
image/gif 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/google.gif
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:12 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10373
etag: W/"5b6-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1462
x-cached: HIT
x-amz-cf-id: -1uLIa68bgayZs5PBBhFFXD3Ccp5CYntQCOjjnqRdTIvg0t3IHCDRw==

GET
H2 200 icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 743 B
1 KB 389ms
388ms Image
image/svg+xml 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:12 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10373
etag: W/"2e7-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 743
x-cached: HIT
x-amz-cf-id: tzBJVNv-OfvzsRmieuAVk-iMesJNNh7IejphMf68rMqVkyV3Ixescg==

GET
H2 200 icon-5-g.svg
www.walla.co.il/public/assets/icons/ 3 KB
1 KB 390ms
389ms Image
image/svg+xml 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-5-g.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:04 GMT
content-encoding: gzip
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10381
etag: W/"b30-18397c0de58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: j3fV59rK1Z5jdpZQFneAeeO7p7jG5nHUlp0EBLxT0OqbpLTIb44Jng==
x-cached: MISS

GET
H2 200 icon-wather.svg
www.walla.co.il/public/assets/icons/ 2 KB
1 KB 390ms
389ms Image
image/svg+xml 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:12 GMT
content-encoding: gzip
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10373
etag: W/"85c-18397c0de58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: 4Sx7xSIiBpG31GxJEeoudL8W-nzUDec3akZOZG4sMW4h92JThJIanQ==
x-cached: HIT

GET
H2 200 icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
1 KB 390ms
390ms Image
image/svg+xml 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:12 GMT
content-encoding: gzip
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10372
etag: W/"5f6-18397c0de58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: Bs_XPJ_s8u6wXGCbGMgWCk0HEieIWQ31q_iMXALUT5ZxNmYEPWeUzw==
x-cached: HIT

GET
H2 200 almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 58 KB
59 KB 391ms
391ms Font
font/woff 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:33:38 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10407
etag: W/"e954-18397c0de58"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 59732
x-cached: HIT
x-amz-cf-id: tmdbwnXU6yXFUs6MXd8qO10YS3ZoyIRN2FmpdEMcvSqSNKQoYtPtRg==

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 6 KB
2 KB 74ms
7ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e4e77926a7a5e67880907a14980aa10355ae4fd4da1f318f007f77399d6fe907

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 16
date: Sun, 02 Oct 2022 11:27:05 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 118
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1337
x-served-by: cache-hhn4028-HHN
x-timer: S1664710026.775904,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Fri, 30 Sep 2022 11:25:07 GMT

GET
H2 206 3426036-46.mp4
images.wcdn.co.il/q_auto,w_300,t_54/3/4/2/6/ 139 KB
140 KB 35ms
34ms Media
video/mp4 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.wcdn.co.il/q_auto,w_300,t_54/3/4/2/6/3426036-46.mp4
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 29144c197d191dbff68f455261d6d174ef9650efccde204e7ac920c1196e1e4a

Request headers

Referer: https://www.walla.co.il/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 05 Sep 2022 10:38:07 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 2335738
edge-cache-tag: 387766428688420191316326096545705257677,297971540058848560575371772229170621855,d2bce9e04f88d43dd8350e859c701704
cache-tag: 387766428688420191316326096545705257677,297971540058848560575371772229170621855,d2bce9e04f88d43dd8350e859c701704
status: 206 Partial Content
x-cache: Hit from cloudfront
Content-Range: bytes 0-142672/142673
Content-Length: 142673
x-request-id: fe6bd8861d583cf1ef6be268f74a0cbf
x-ua-compatible: IE=Edge,chrome=1
x-served-by: cache-iad-kiad7000137-IAD
last-modified: Mon, 05 Sep 2022 10:38:08 GMT
server: cloudinary
x-timer: S1662374274.815570,VS0,VE13421
etag: "97a5e256bb482fe9a16adec58248ae91"
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: UJuNU2SeaB7dcwkndycD-d0_BibUqz_k4tLMUsPAQE5g2B-AnYvXbQ==
x-cache-hits: 0

GET
H2 206 3426036-46.mp4
images.wcdn.co.il/q_auto,w_300,t_54/3/4/2/6/ 139 KB
140 KB 36ms
35ms Media
video/mp4 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.wcdn.co.il/q_auto,w_300,t_54/3/4/2/6/3426036-46.mp4
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 29144c197d191dbff68f455261d6d174ef9650efccde204e7ac920c1196e1e4a

Request headers

Referer: https://www.walla.co.il/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 05 Sep 2022 10:38:07 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 2335738
edge-cache-tag: 387766428688420191316326096545705257677,297971540058848560575371772229170621855,d2bce9e04f88d43dd8350e859c701704
cache-tag: 387766428688420191316326096545705257677,297971540058848560575371772229170621855,d2bce9e04f88d43dd8350e859c701704
status: 206 Partial Content
x-cache: Hit from cloudfront
Content-Range: bytes 0-142672/142673
Content-Length: 142673
x-request-id: fe6bd8861d583cf1ef6be268f74a0cbf
x-ua-compatible: IE=Edge,chrome=1
x-served-by: cache-iad-kiad7000137-IAD
last-modified: Mon, 05 Sep 2022 10:38:08 GMT
server: cloudinary
x-timer: S1662374274.815570,VS0,VE13421
etag: "97a5e256bb482fe9a16adec58248ae91"
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: yiZdOzgoNDJxNnQHjBfcTIRnEzBQSSWQ7WUQH_p3bdw57c7NNZN7mA==
x-cache-hits: 0

GET
H2 200 arrow-forward.svg
www.walla.co.il/public/assets/homepage2/ 475 B
840 B 430ms
425ms Image
image/svg+xml 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/arrow-forward.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 00df84c0176ae68719671b3cf670d45da854c8e4b092eb72eb0b36f6737ae111

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:12 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10373
etag: W/"1db-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 475
x-cached: HIT
x-amz-cf-id: b5GqegTmeH95fy5lcgm_TQF5QD2k9bdnKhRLFl6mGPOUuwAivle5rg==

GET
H2 200 walla-sprite.svg
www.walla.co.il/public/assets/icons/ 19 KB
6 KB 380ms
376ms Image
image/svg+xml 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/walla-sprite.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:12 GMT
content-encoding: gzip
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10373
etag: W/"4a05-18397c0de58"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: MXqqm-3n-dw-Pp4bXjS-6s4OAoGx720xHBXLsPl6jWwoARmW-kXpVg==
x-cached: HIT

GET
H2 200 icons-play-live.svg
www.walla.co.il/public/assets/icons/ 298 B
665 B 380ms
376ms Image
image/svg+xml 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icons-play-live.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e8edb024e688dad4a4dbb15cc90e7cbcae1f1426f34ddb2c22523625f46aafde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:12 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10373
etag: W/"12a-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 298
x-cached: HIT
x-amz-cf-id: bLY2-4YzlE3kOz6wXzD1PdQmZayLFFaEQBWLrnL75XSLBsC1uFLZBg==

GET
H2 200 play103fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 409 B
775 B 429ms
427ms Image
image/svg+xml 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/play103fm.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: f20eeef8fb712ad2bf5e21dfe5944ab2b62010e44ffa8f79a3bfa354973ab517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:12 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10372
etag: W/"199-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 409
x-cached: HIT
x-amz-cf-id: rxhi_reH7MI4DuN84_B9CguLND13YiWUF7haDzYPnru5G8abvg6qRw==

GET
H2 200 play99fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 409 B
775 B 428ms
426ms Image
image/svg+xml 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/play99fm.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e5bf77a4605d9bb4c0ecfc1127ab95009dc2fa6ec763418424cf36f523db8e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:12 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10373
etag: W/"199-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 409
x-cached: HIT
x-amz-cf-id: 0HWYTmumJyPFakvA-5T-gD_bBuggF0V8LDchpNgKTgn0-vk2-nVRoQ==

GET
H2 200 wallaicons.woff
www.walla.co.il/public/font/fonticon/ 15 KB
15 KB 363ms
359ms Font
font/woff 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:27 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10358
etag: W/"3bdc-18397c0de58"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 15324
x-cached: HIT
x-amz-cf-id: 0kkXVHAfcAtCMHttBzKkFUcCy7quElrZlfQ3bEGumAj1AZkWadtStw==

GET
H2 200 almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 58 KB
58 KB 369ms
365ms Font
font/woff 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:27 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10358
etag: W/"e7c0-18397c0de58"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 59328
x-cached: MISS
x-amz-cf-id: rrnq59H-Z5p1cUsHOqLj9TuzZWzKOgqxnOO3Q03pQnvkraQyKId9Ug==

GET
H2 200 almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 59 KB
59 KB 390ms
387ms Font
font/woff 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:27 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10358
etag: W/"ea00-18397c0de58"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 59904
x-cached: MISS
x-amz-cf-id: EgbfD7himAkuwJ9ywCwjkxjMRUgwh_1824HzMXMCryTfHRx97S2cfQ==

GET
H2 403 bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 0
0 74ms
19ms Script
text/html 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-10-02
Requested by: Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 kahoona-idx-live.js Show response
d2r08ja41ypc0t.cloudfront.net/WALLA/ 13 KB
5 KB 41ms
7ms Script
application/javascript 2600:9000:223e:8000:4:1c73:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by: Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8000:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7366672c7309113ce12beb12478774bc7ed93bc3f066f38bb3bf5c57485e47f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: fJ6OxwQ2i6ClHgUlktD21ZZFhrK13sEw
content-encoding: gzip
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
date: Sun, 02 Oct 2022 04:23:46 GMT
last-modified: Sun, 04 Sep 2022 17:48:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 25412
etag: W/"3891a35af9cd00643f2e83d64997acba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: X4QQ4QwcJSJjOGRwibYTJktBf6f2yj2w7VrV1WpyNDdsYcUIqsWUPA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 02 Oct 2022 11:27:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: tM69xJJkXpCLdMJ23CNHe3RRDVMlaB2ZyHPftVleXoyU+djGOPU26mNABq9EkTtJIu31Nk1PCl2IunsbtpCfoQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 99ms
26ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 02 Oct 2022 10:27:31 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 3574
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Sun, 02 Oct 2022 12:27:31 GMT

GET
H2 200 148_248b4149632420b886ad_248b4149632420b886ad_walla.js Show response
www.walla.co.il/public/ 11 KB
4 KB 263ms
262ms Script
application/javascript 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/148_248b4149632420b886ad_248b4149632420b886ad_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: bdf39a7fddcfb048c35c871282ce0f1de7866e18be3cf1353da9262b509fa0e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:33:50 GMT
content-encoding: gzip
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:14:43 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10395
etag: W/"2b34-18397c30138"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: XBh68tyVSh5DerYZhztXC0CrM44cDSxfXGqelD1i5Bak40sWwBEhSg==
x-cached: HIT

GET
H2 200 666_ee80dd56f4e3d26ff018_ee80dd56f4e3d26ff018_walla.js Show response
www.walla.co.il/public/ 307 KB
100 KB 268ms
267ms Script
application/javascript 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/666_ee80dd56f4e3d26ff018_ee80dd56f4e3d26ff018_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: d361f34d22da1d9d593571234aa964d09c004b8ea4e8ece4cf5fc8a838aae217

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:02 GMT
content-encoding: gzip
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:14:43 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10383
etag: W/"4cdba-18397c30138"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: dRjY2UaPSGQvfXdNDQatCnyYT8F1tqPMwVI-bH-Kb4YoNNRXinpnLg==
x-cached: HIT

GET
H2 200 main_1977240c1867506304bf_1977240c1867506304bf_walla.js Show response
www.walla.co.il/public/ 1 MB
256 KB 299ms
299ms Script
application/javascript 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/main_1977240c1867506304bf_1977240c1867506304bf_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: c825c9d42e462df06f579d4128af979e7617ac409c8f502853628c4e0222e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:33:29 GMT
content-encoding: gzip
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:14:43 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10416
etag: W/"11bc72-18397c30138"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: gACJQMacTSHZ8Mc8jhQQ-CBob5M3CeAzTqKxaj0t6btOokL07nHfFQ==
x-cached: MISS

GET
H2 200 homepage_5e55292a0b0840ed9713_5e55292a0b0840ed9713_walla.js Show response
www.walla.co.il/public/ 253 KB
49 KB 329ms
328ms Script
application/javascript 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/homepage_5e55292a0b0840ed9713_5e55292a0b0840ed9713_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 180e86238c077d98b0839643160c5e53506c0ddb67d10ddbbcac6b8aaa948780

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:33:29 GMT
content-encoding: gzip
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:14:43 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10416
etag: W/"3f357-18397c30138"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: F-afUK4iQlTvr-46RlFfI8PmbprOTzqX0mMGzk0wf1NX5pKXr0fEmg==
x-cached: HIT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 209 KB
72 KB 159ms
27ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8e7b937bde4c48bc3e26f33ea667d2141bed5e9e9572c38a98ddd2254bc8059c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:06 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 08:35:48 GMT
etag: "15-d/vHIBjZTqH+B5ZJUJ3dxqNwziI"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14400
access-control-allow-credentials: false
x-traceid: 82792329352a2ba56aa16266f650ec0b
timing-allow-origin: *, *
content-length: 73655

GET
H/1.1 200
OK widget_iframe.7dae38096d06923d683a2a807172322a.html Show response
platform.twitter.com/widgets/ Frame 30BC 320 KB
104 KB 8ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67DF) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 201547
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Sun, 02 Oct 2022 11:27:05 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67DF)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 64ms
28ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16840
x-xss-protection: 0
server: cafe
etag: 11313833467736987248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 11:27:05 GMT

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
201 B 294ms
91ms Image
image/gif 34.232.231.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Cpysn_Djn0vXCn2a14&c=0&V=136&x=bTykk0vcF0YAX&v=B&ml=m&sl=COVpTD,COVpTD&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.231.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-231-107.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:06 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 294ms
92ms Image
image/gif 34.232.231.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Cpysn_Djn0vXCn2a14&c=0&V=136&x=vP3i7BukO69lj&v=B&ml=m&sl=ZfQyj&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.231.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-231-107.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:06 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 295ms
93ms Image
image/gif 34.232.231.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Cpysn_Djn0vXCn2a14&c=0&V=136&x=fP8PNqKYfFWv8&v=A&ml=m&sl=CgPFEZ,CgPFEZ&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.231.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-231-107.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:06 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 295ms
94ms Image
image/gif 34.232.231.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Cpysn_Djn0vXCn2a14&c=0&V=136&x=3LLvhxWhqM1yk&v=B&ml=m&sl=DCDSh-,DCDSh-&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.231.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-231-107.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:06 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 286ms
93ms Image
image/gif 34.232.231.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Cpysn_Djn0vXCn2a14&c=0&V=136&x=tgOeLXTjCG8t8&v=A&ml=m&sl=B4Upqb&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.231.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-231-107.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:06 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 349ms
181ms Image
image/gif 34.232.231.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Cpysn_Djn0vXCn2a14&c=0&V=136&x=qIdzThIgH1dgx&v=B&ml=m&sl=zYxJZ&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.231.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-231-107.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:06 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 445ms
96ms Image
image/gif 34.235.205.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=Cpysn_Djn0vXCn2a14&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10798&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2305&t=CzmJDXChREiBBDJaLB4lG3VDP0My1&V=136&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&tz=0&sn=1&sv=C3FNfdjno38oYr8YC_nEZhyHoqx&sd=1&im=067b2fff&_
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.205.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-205-35.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:06 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 170717926997655 Show response
connect.facebook.net/signals/config/ 293 KB
85 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/170717926997655?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ab0db64b58cb0a81d96d2fdbf500b4621c559014af05e9da5bd68544af16e79

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 02 Oct 2022 11:27:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86020
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: lj2HJytWX5k832c6oKkhxT4ctGcWRxcVR+mMNHrNin7Ccbt6pUb1LE+ma2f0tOx3eAOaFCAfVsmxC/bV7PdeOw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 30BC 770 B
643 B 168ms
118ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e9c6e35092b59419c2ac4114d7917078e3b4ccb8

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fwww.walla.co.il

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

9ee10ccd9a93c142b161a6507a9f23cfcd9e279f6b6ae77f35c2fa5ad1d32deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-response-time: 110
date: Sun, 02 Oct 2022 11:27:05 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Sun, 02 Oct 2022 11:27:06 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 35020532494cadfb
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: abcbe9313de15b38c12131c842a15ff2ef8af83b622cfe1390c1dee273458112
content-length: 323

GET
H2

200

map-id
ledger.crowdad.io/
Redirect Chain

https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=a948f123-72ce-4b6c-a280-09b54f9f697e&adnxsUserId=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3Da948f123-72ce-4b6c-a280-09b54f9f697e%26adnxsUserId%3D%24UID
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=a948f123-72ce-4b6c-a280-09b54f9f697e&adnxsUserId=7541192142968515385

0
38 B

290ms
29ms

Image
text/plain

52.212.114.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=a948f123-72ce-4b6c-a280-09b54f9f697e&adnxsUserId=7541192142968515385
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Server: 52.212.114.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-114-253.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:06 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:06 GMT
AN-X-Request-Uuid: c26aba8e-d61f-44d6-9524-8d4c6945caad
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=a948f123-72ce-4b6c-a280-09b54f9f697e&adnxsUserId=7541192142968515385
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 handshakes Show response
khn.crowdad.io/ 0
105 B 92ms
31ms XHR
text/plain 63.32.245.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/handshakes
Requested by: Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.245.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-245-11.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Sun, 02 Oct 2022 11:27:06 GMT
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 handshakes
khn.crowdad.io/ Frame 0
0 120ms
28ms Preflight 63.32.245.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/handshakes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.245.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-245-11.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.walla.co.il
content-length: 0
date: Sun, 02 Oct 2022 11:27:06 GMT

OPTIONS
H2 200 init
hb-dot-valuad.appspot.com/ Frame 0
0 765ms
657ms Preflight
text/html 2a00:1450:400d:805::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:805::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-request-id,x-vad-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 02 Oct 2022 11:27:06 GMT
server: Google Frontend
x-cloud-trace-context: ca7eb99efb226448e1c221e2fadc9450
x-request-id: undefined

POST
H3 200 init Show response
hb-dot-valuad.appspot.com/ 38 B
87 B 711ms
657ms Fetch
application/json 2a00:1450:400d:805::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type: application/json
Accept: application/json
Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
x-request-id: 3d898466-078e-49bb-84ee-32087e7d6725
x-vad-version: 0.9.9

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
server: Google Frontend
etag: W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
x-cloud-trace-context: 82c0b4caf51857cfaf576e09863b2ec7
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64
x-request-id: undefined

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 99ms
47ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=619783834&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=218376715&gjid=123353181&cid=1337039213.1664710026&tid=UA-4780630-1&_gid=639399191.1664710026&_r=1&gtm=2wg9s0T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&z=1111297154

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1616785908557850 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1616785908557850?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

165e3707f337ee7504b8a6c5c4109f7bcaa24c9e2b732b5d6fe225f6e92ab5f4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 02 Oct 2022 11:27:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86266
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: flVQzbct7NMYA7JCUjYz8Le2Aplm2azqepKseTkZif/DGOCbDxOPo9M6roPzNQ1tz2WGnO3WF3m2mKc9QuFY6w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 25ms
7ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1664710026059&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.2.1664710026058.1981651504&it=1664710025962&coo=false&rqm=GET

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 02 Oct 2022 11:27:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 3 KB
1 KB 63ms
49ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1664710026063&cv=9&fst=1664710026063&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a6cdb87ed38abb6b2485e4351b2e8a2d3685b282169a43e6f3de71c86c75188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1069
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 18ms
7ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1664710026103&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.2.1664710026058.1981651504&it=1664710025962&coo=false&rqm=GET

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 02 Oct 2022 11:27:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK d3d3LndhbGxhLmNvLmls Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
463 B 227ms
18ms XHR
application/json 2.18.69.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LndhbGxhLmNvLmls
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.170 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 11:27:06 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=6195
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 5792950dfa333265c07874b0e0bf46c6
Content-Length: 16
Expires: Sun, 02 Oct 2022 13:10:21 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
355 B 148ms
21ms Image
image/gif 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 02 Oct 2022 11:27:06 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Tue, 01 Nov 2022 11:27:06 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 153ms
18ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-4780630-1&cid=1337039213.1664710026&jid=218376715&gjid=123353181&_gid=639399191.1664710026&_u=YEBAAEAAAAAAAC~&z=327282484

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 02 Oct 2022 11:27:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/964224610/ 42 B
548 B 144ms
52ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/964224610/?random=1664710026063&cv=9&fst=1664708400000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=2156052276&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/964224610/ 42 B
548 B 114ms
22ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/964224610/?random=1664710026063&cv=9&fst=1664708400000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=2156052276&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 391_74a7ea0bea4fcf8c460e_74a7ea0bea4fcf8c460e_walla.js Show response
www.walla.co.il/public/ 121 KB
35 KB 195ms
195ms Script
application/javascript 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/391_74a7ea0bea4fcf8c460e_74a7ea0bea4fcf8c460e_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_1977240c1867506304bf_1977240c1867506304bf_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 86fed0f87402ce0fde9cdd3a0023fd4df2f277f5849744e61d4784e6470e02bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:28 GMT
content-encoding: gzip
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:14:43 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10359
etag: W/"1e51a-18397c30138"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: fESfI3iXu8so3TeV7yjoicTvrPtLiKu_RNh45aIULNd51OmOVOhE5Q==
x-cached: HIT

GET
H2 200 PikudInner_793046046c897b90f78e_793046046c897b90f78e_walla.js Show response
www.walla.co.il/public/ 3 KB
2 KB 199ms
199ms Script
application/javascript 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/PikudInner_793046046c897b90f78e_793046046c897b90f78e_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_1977240c1867506304bf_1977240c1867506304bf_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 32e55f966e5d42979013d87e8a4de77fd04e331af39070fd2f21404a04aae61b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:33:34 GMT
content-encoding: gzip
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:14:43 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10413
etag: W/"cfc-18397c30138"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: iwx-UxqzxI3JcwlQhNK_zEdcVHzjo_OAZ4sootvabwhCkLM4lv8UzQ==
x-cached: HIT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 111ms
62ms Script
text/javascript 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/public/666_ee80dd56f4e3d26ff018_ee80dd56f4e3d26ff018_walla.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

327c9445945310e44061898405bdc932ad69635c76ec0a5de3506c387583c910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27695
x-xss-protection: 0
server: sffe
etag: "1351 / 298 of 1000 / last-modified: 1664575578"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 02 Oct 2022 11:27:07 GMT

GET
H2 200 close.png
www.walla.co.il/public/assets/ads/ 1 KB
1 KB 197ms
194ms Image
image/png 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/ads/close.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:28 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10359
etag: W/"46c-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1132
x-cached: MISS
x-amz-cf-id: IlEo-S7QAOHpEqk7iEdQIxzdfgARPrRvEsh1KWmBJ-xg2nmHaGfD2g==

GET
H2 200 3421426-46.png
images.wcdn.co.il//3/4/2/1/ 6 KB
6 KB 13ms
10ms Image
image/png 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il//3/4/2/1/3421426-46.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 738d90cda558286a59c2e9d00b43c7d2375b2e010863533804d0de180cfc5339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 10:30:43 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 4236984
edge-cache-tag: 145767541500621925049705680995819893788,d2bce9e04f88d43dd8350e859c701704
cache-tag: 145767541500621925049705680995819893788,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 5667
x-served-by: cache-iad-kiad7000166-IAD
last-modified: Sun, 14 Aug 2022 10:29:39 GMT
server: cloudinary
x-timer: S1660473043.259951,VS0,VE1
etag: "a299b27a337fe5f8cd65385dbd30d509"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: uM20GFW_izTIKSbrseXTGvbT2oQ62lj-JB4Q70I8HvIOfOn7eXyM9w==
x-cache-hits: 1

GET
H2 200 3441170-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_600,t_54/3/4/4/1/ 29 KB
30 KB 14ms
11ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_600,t_54/3/4/4/1/3441170-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 716553548189864d6fe63e5c995829c55decc201fc85e38903b758042637bb87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 05:31:37 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 21330
edge-cache-tag: 137101411641254095126442955739036668506,312166661980159595920626296514339805193,d2bce9e04f88d43dd8350e859c701704
cache-tag: 137101411641254095126442955739036668506,312166661980159595920626296514339805193,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 30142
x-served-by: cache-iad-kjyo7100174-IAD
last-modified: Sun, 02 Oct 2022 05:31:29 GMT
server: cloudinary
x-timer: S1664688697.426489,VS0,VE1
etag: "4f2b736eaf40d9a7d111d3634c7ac6d9"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 5NlfymTzZ_sC7vHxz7eQP4Jg2zoaeDQtmkSetAbZfTE30fR-bzADhg==
x-cache-hits: 1

GET
H2 200 3440889-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/4/0/ 9 KB
10 KB 16ms
14ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/4/0/3440889-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 13d91fb383c1fcba8db29f12aa21c1d7010104e17156d6b8c76b33cb6ae7f35c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 04:33:10 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 24837
edge-cache-tag: 294936161515513757942448196542575696637,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
cache-tag: 294936161515513757942448196542575696637,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 9523
x-request-id: da0e40b946ca111c3c07341010a2c46d
x-served-by: cache-lga21951-LGA
last-modified: Sun, 02 Oct 2022 04:33:11 GMT
server: cloudinary
x-timer: S1664685186.943693,VS0,VE4108
etag: "9507747b19725e00c466d453289cae7f"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: d-pM-VGc1OCpZs2tm0hQA501pw1I__gvfn19NhevOfPSIWAgSAhOQQ==
x-cache-hits: 0

GET
H2 200 3441173-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/4/1/ 6 KB
7 KB 16ms
14ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/4/1/3441173-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 3ca87b1c89ec01e9db313bc674e9b886c83b882422514176fa99b17b6e353160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 19:40:49 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 56778
edge-cache-tag: 305130930769700498882775237630796621462,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
cache-tag: 305130930769700498882775237630796621462,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 6076
x-request-id: eb39ea83b1d6bacd55891cd6df3d1113
x-served-by: cache-iad-kjyo7100028-IAD
last-modified: Sat, 01 Oct 2022 19:40:50 GMT
server: cloudinary
x-timer: S1664653248.058314,VS0,VE1501
etag: "c2f46385e77a1f34b66eca21d3517556"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: geJjfYAC66h0U_VeAO6-Uo_pQEEeyq0BLWDHj7ELU8hdZTgCz-3f_w==
x-cache-hits: 0

GET
H2 200 3441144-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/4/1/ 8 KB
9 KB 17ms
15ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/4/1/3441144-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: b0de85dc6babcb2a6a4e34da7e73e211eea438b0cee3e3640c47e3effef333a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 20:45:43 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 52884
edge-cache-tag: 235428896846701769905843142814290193412,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
cache-tag: 235428896846701769905843142814290193412,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 8362
x-served-by: cache-lga21943-LGA
last-modified: Sat, 01 Oct 2022 20:45:38 GMT
server: cloudinary
x-timer: S1664657144.528122,VS0,VE3
etag: "9c69ed0ddcf68a3bbae5325c062ee362"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: garhiFUl4utwyw_1Lz1bVGDQAFqd9Nr0SRxdfx6E8NokGiOvWe43OQ==
x-cache-hits: 1

GET
H2 200 2060367-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/2/0/6/0/ 5 KB
6 KB 19ms
17ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/2/0/6/0/2060367-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 4e1e2d80d7e0e7166f88f9971da40abb997291381337bf4c155b57bfe72727db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:43:43 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 2604
edge-cache-tag: 357193691107928654445869526942004406558,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 357193691107928654445869526942004406558,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 5469
x-served-by: cache-iad-kiad7000130-IAD
last-modified: Sat, 07 May 2022 04:13:33 GMT
server: cloudinary
x-timer: S1664707423.411942,VS0,VE69
etag: "5b7797500de87e6450d02a24994493de"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: FWIytH8rZG1RDM5I5y6r3_UkBOgGF-HdpMHBugIvSSDy5HcEiENhJQ==
x-cache-hits: 0

GET
H2 200 3440900-46.jpeg
images.wcdn.co.il/x_0,y_0.57125,w_1,c_crop,f_auto/t_54,f_auto,w_300/3/4/4/0/ 15 KB
16 KB 20ms
18ms Image
image/jpeg 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/x_0,y_0.57125,w_1,c_crop,f_auto/t_54,f_auto,w_300/3/4/4/0/3440900-46.jpeg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 89b7848f1c1c06577e3e411960ce7eae92ebd2500cfecce66545cd59a975f009

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:31:29 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 3338
edge-cache-tag: 104845857630803201540864975495503414305,172905191268967986388055465486413858578,d2bce9e04f88d43dd8350e859c701704
cache-tag: 104845857630803201540864975495503414305,172905191268967986388055465486413858578,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 15312
x-request-id: b1eda28cca7486c89422cc2438305458
x-served-by: cache-lga21942-LGA
last-modified: Sun, 02 Oct 2022 10:31:30 GMT
server: cloudinary
x-timer: S1664706688.868157,VS0,VE1298
etag: "670fedb2fd7b4a7dbf78fdb0e74f3ceb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: F8ATB3WJMqRiKU_Hza8uAVRFyNkHKFo6RWQzeXhGcltax-ofKh5wLA==
x-cache-hits: 0

GET
H2 200 3440352-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/4/0/ 24 KB
25 KB 22ms
21ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/4/0/3440352-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 348fe67d4601f7b74d85db6084f027135ee77ccbb4f3ada71c9f45d5ea569195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:08:09 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 1138
edge-cache-tag: 209413802140420217551057005510236118930,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 209413802140420217551057005510236118930,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 24896
x-request-id: e5e767153dcb879816fe1be62f74d993
x-served-by: cache-lga21954-LGA
last-modified: Sun, 02 Oct 2022 11:08:06 GMT
server: cloudinary
x-timer: S1664708890.628140,VS0,VE1
etag: "a5aadfd5ec6c47bdd0547ef81bd4ab8b"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: PFY6JIXhoiXj1WsngrwEWDPBPUXtwsh8JUR6yCWnsWGJbwIZOvO8Gw==
x-cache-hits: 1

GET
H2 200 3178764-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/7/8/ 2 KB
2 KB 23ms
21ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/7/8/3178764-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 4254d6ebdad02b88a8691e71b6b58b19944bce76b249707f8d45e610d7b55f0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 07:00:08 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 18160019
edge-cache-tag: 368907602085661858931500534282242613018,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 368907602085661858931500534282242613018,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 1683
x-served-by: cache-bwi5037-BWI
last-modified: Tue, 28 Dec 2021 13:39:26 GMT
server: cloudinary
x-timer: S1646550009.631172,VS0,VE1
etag: "7cb7520d0554e205a55ef52971b6f150"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: If1Uvg8ck1ptNJMFDnIDxza0aokbSEBAKvTJNinWTg4Au3PUA70djw==
x-cache-hits: 1

GET
H2 200 3277364-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/7/7/ 2 KB
2 KB 23ms
22ms Image
image/avif 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/7/7/3277364-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-50.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: f44bf8dcd3422c7e12c7f8e6c4bb22f462630245424893283d75ed8836ccb4ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 06:31:05 GMT
via: 1.1 varnish, 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 1832162
edge-cache-tag: 117811668391355175738003855561666042533,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 117811668391355175738003855561666042533,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 1604
x-served-by: cache-iad-kiad7000130-IAD
last-modified: Thu, 30 Dec 2021 12:00:58 GMT
server: cloudinary
x-timer: S1662877865.446784,VS0,VE65
etag: "8d34ae4493503aa93230d96805a90445"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: _C9xnSY0_eAG2PwbtleFZSeSqi9Z_fqilRO0p2e71zt54C4tGug60g==
x-cache-hits: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 112ms
64ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-4780630-1&cid=1337039213.1664710026&jid=218376715&_u=YEBAAEAAAAAAAC~&z=653629796

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 68ms
48ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-4780630-1&cid=1337039213.1664710026&jid=218376715&_u=YEBAAEAAAAAAAC~&z=653629796

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 262 KB
81 KB 32ms
8ms Script
text/javascript 23.35.228.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 08:22:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1481c32-41771-5c7110f340cdf"
vary: Accept-Encoding
content-type: text/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=92274
accept-ranges: bytes
content-length: 82748
expires: Mon, 03 Oct 2022 13:05:01 GMT

GET
H2 200 / Show response
csync.smilewanted.com/ 6 KB
2 KB 78ms
44ms Script
application/javascript 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eef3229975dcea05e62c3c6a907c2b9c50a68b07a632ce4fa232a41a0bcb1ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
cf-ray: 753d16466f7f910c-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 get Show response
odb.outbrain.com/utils/ 2 KB
1 KB 176ms
108ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=0&rand=41522&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000902&sig=kO6C5lSo&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9b8f0541e42bc54fd070d0143a5c2744b7ebeb351a0c919e30a19066ad52a05b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1664710027.315039,VS0,VE101
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21938-LGA, cache-hhn4020-HHN
x-traceid: cca84611ae6182f773b37dd75fda2b10
accept-ranges: bytes
content-length: 1132
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A2E0 0
15 B 8ms
8ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.walla.co.il
Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:07 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A56F 0
15 B 8ms
8ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.walla.co.il
Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:07 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 logo.png
www.walla.co.il/public/assets/pikud/ 21 KB
22 KB 195ms
195ms Image
image/png 52.85.24.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/pikud/logo.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.24.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-24-22.cpt52.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:34:28 GMT
via: 1.1 ab0eba22e4754ba13cb1d379e26fe642.cloudfront.net (CloudFront)
last-modified: Sun, 02 Oct 2022 08:12:23 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: CPT52-C1
age: 10359
etag: W/"558e-18397c0de58"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 21902
x-cached: MISS
x-amz-cf-id: pSvK3E0w7BxotlU7NYTvn-3l4y_ACExufJcXd5Fu5_4YBkaNfqJikg==

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ 48 KB
12 KB 32ms
23ms Script
application/javascript 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 156438
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 753d164779b2910c-FRA
expires: Wed, 29 Sep 2032 11:27:07 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 468ms
93ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=af94b29a56a4d4736539697bc15f826f_1769_1664710027368&tm=1315&eT=6&wRV=2000902&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Oct 2022 11:27:07 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: 20989d41a6424b69960f42dc1a5e7cca
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H2 200 get Show response
odb.outbrain.com/utils/ 12 KB
4 KB 112ms
112ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=1&rand=19973&key=NANOWDGT01&widgetJSId=HPP&va=true&et=true&format=html&t=YWY5NGIyOWE1NmE0ZDQ3MzY1Mzk2OTdiYzE1ZjgyNmY=&adblck=false&abwl=false&px=209&py=1207&vpd=7&cw=282&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000902&sig=kO6C5lSo&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2c301d00fcff6bec9a8c937d2772a48d316d060da644f77e4baba37b665e0453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1664710027.436671,VS0,VE106
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21979-LGA, cache-hhn4020-HHN
x-traceid: b8af53a5063b4ec3b76ed2186689d86b
accept-ranges: bytes
content-length: 3808
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 8424 0
337 B 40ms
39ms Document
text/html 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 753d1647aa18910c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:07 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

200

3bafd9781f926aa7b41b62e571382ceb Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 2998
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/3bafd9781f926aa7b41b62e571382ceb

0
393 B

43ms
43ms

Document
text/html

104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/3bafd9781f926aa7b41b62e571382ceb
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 753d16486bc7910c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:07 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Sun, 02 Oct 2022 11:27:07 GMT
Expires: Sun, 02 Oct 2022 11:27:07 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/3bafd9781f926aa7b41b62e571382ceb
Pragma: no-cache
Server: nginx
x-sticky-vk: 1664710027511032-577

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 0F0A 0
0 75ms
8ms Document
text/plain 18.198.13.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.13.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-13-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 20ms
19ms Image
image/svg+xml 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Tue, 01 Nov 2022 11:27:07 GMT

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 13 KB
14 KB 22ms
21ms Image
image/svg+xml 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "af7be0711fb1cf2f41bb793256c8f148:1662969048.571231"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13687
expires: Tue, 01 Nov 2022 11:27:07 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 372ms
94ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=4e21af34fde4b1e14107664f65cd4f40_1769_1664710027494&tm=1436&eT=0&widgetWidth=282&widgetHeight=36&widgetX=209&widgetY=1216&wRV=2000902&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=115&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Oct 2022 11:27:07 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: be702cbe5fb8c9ded7f96dc07858d67c
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000902/module/ 39 KB
14 KB 24ms
24ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000902/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0c22229dcf68c98c37407a833a55f05b0cee267dc2f71142bd218b930a507d76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 08:34:27 GMT
server: AkamaiNetStorage
etag: "ed968a92cdf621baf29c2323ec2b1e6b:1664356213.08557"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 14158
expires: Sun, 02 Oct 2022 15:27:07 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 38 KB
15 KB 286ms
285ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=2&rand=3528&key=NANOWDGT01&widgetJSId=HPC_2&va=true&et=true&format=html&t=YWY5NGIyOWE1NmE0ZDQ3MzY1Mzk2OTdiYzE1ZjgyNmY=&adblck=false&abwl=false&px=535&py=4391&vpd=3191&cw=865&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000902&sig=kO6C5lSo&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ee63e947493126f1770ea6dafb10dd69bd86cd227981d237aace9e6e52921464

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1664710028.557127,VS0,VE279
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga13628-LGA, cache-hhn4020-HHN
x-traceid: e3af7cb50bebe1829393dacb2504534f
accept-ranges: bytes
content-length: 14984
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

zwbEK4O0DGnzVIIUkv3m Show response
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 2A58
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/zwbEK4O0DGnzVIIUkv3m?pi=smilewanted&tc=1

0
440 B

37ms
37ms

Document
text/html

104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/zwbEK4O0DGnzVIIUkv3m?pi=smilewanted&tc=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 753d16491d30910c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:07 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Sun, 02 Oct 2022 11:27:07 GMT Sun, 02 Oct 2022 11:27:07 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/zwbEK4O0DGnzVIIUkv3m?pi=smilewanted&tc=1
pragma: no-cache

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 25 KB
10 KB 391ms
352ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPP&key=NANOWDGT01&version=2000902&apv=false&sig=kO6C5lSo&format=html&rand=47465&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=YWY5NGIyOWE1NmE0ZDQ3MzY1Mzk2OTdiYzE1ZjgyNmY=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=3&lastCardIdx=0&fAB=11731-42692&layeredTestInfo=11731-42692-&dpr=1&cw=282&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000902/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6418a8287a300290910758dc512479a0802cf4c8defc92507d9029be8d31ae02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1664710028.628150,VS0,VE345
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21971-LGA, cache-hhn4020-HHN
x-traceid: ad5ef66c407ab793b4fab7be7756448c
accept-ranges: bytes
content-length: 10105
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame 0E36
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8b0dd08cb2e7c58df73197de7d9c1554

43 B
1 KB

7ms
7ms

Document
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8b0dd08cb2e7c58df73197de7d9c1554

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid: 22e7f26b-8a83-43ea-a246-c846aec595ec
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 02 Oct 2022 11:27:07 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 753d16489c30910c-FRA
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:07 GMT
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8b0dd08cb2e7c58df73197de7d9c1554
server: cloudflare

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 3A17 1 KB
824 B 70ms
37ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 753d16492d7d9018-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:07 GMT
server: cloudflare

GET
H/1.1

200
OK

getuid Show response
sync.smartadserver.com/ Frame 4A0B
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

0
75 B

17ms
17ms

Document
text/plain

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sun, 02 Oct 2022 11:27:07 GMT

Redirect headers

cache-control: no-cache,no-store
content-length: 0
date: Sun, 02 Oct 2022 11:27:07 GMT
location: https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 6C6B 0
0 39ms
22ms Document
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 753d16498e429018-FRA
date: Sun, 02 Oct 2022 11:27:07 GMT
server: cloudflare
via: 1.1 google

GET
H2

200

aba60665-25e0-4476-82a5-857d57af6300&partner_id=1010 Show response
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 067D
Redirect Chain

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
https://csync.smilewanted.com/set_partner_userid_get/improve/aba60665-25e0-4476-82a5-857d57af6300&partner_id=1010

0
489 B

44ms
44ms

Document
text/html

104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/improve/aba60665-25e0-4476-82a5-857d57af6300&partner_id=1010
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 753d1649feeb910c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:07 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Sun, 02 Oct 2022 11:27:07 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/improve/aba60665-25e0-4476-82a5-857d57af6300&partner_id=1010
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 7951 0
0 54ms
10ms Document
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 66ef90d06496cfd000aab8206f2b6221

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 19ms
18ms Image
image/png 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1662969049.940408"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Tue, 01 Nov 2022 11:27:07 GMT

GET
H2 200 11440607.png
s1.adform.net/Banners/Elements/Files/23740/ 734 KB
735 KB 136ms
18ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/23740/11440607.png?bv=1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: fa08eb6768fc0ec6cb515ad96a042694b2f3462a5c169e7deec79a0a28cda083

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT
last-modified: Wed, 22 Jun 2022 13:24:25 GMT
server: nginx
x-amz-request-id: tx00000e76ad1bf8e395f5d-0063395a09-3293bf9a-default
etag: "54a3d92e736e3889f343926d97ef8214"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 751755

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 141ms
93ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=e630670d87b5ecb08586f50cf1249bf0_1769_1664710027778&tm=1732&eT=0&widgetWidth=865&widgetHeight=259&widgetX=535&widgetY=4412&wRV=2000902&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=258&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Oct 2022 11:27:07 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: a56cd38b75da424a1b0f9972fc7fdecb
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame EE78 361 B
583 B 19ms
18ms Document
text/html 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sun, 02 Oct 2022 11:27:07 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sun, 09 Oct 2022 11:27:07 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 639B 361 B
583 B 20ms
19ms Document
text/html 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sun, 02 Oct 2022 11:27:07 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sun, 09 Oct 2022 11:27:07 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame CD48 361 B
583 B 20ms
20ms Document
text/html 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sun, 02 Oct 2022 11:27:07 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sun, 09 Oct 2022 11:27:07 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame AEFD 361 B
583 B 20ms
20ms Document
text/html 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sun, 02 Oct 2022 11:27:07 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sun, 09 Oct 2022 11:27:07 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 3FC2 361 B
583 B 21ms
19ms Document
text/html 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sun, 02 Oct 2022 11:27:07 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sun, 09 Oct 2022 11:27:07 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 get Show response
odb.outbrain.com/utils/ 17 KB
5 KB 112ms
112ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=3&rand=8421&key=NANOWDGT01&widgetJSId=HPC&va=true&et=true&format=html&t=YWY5NGIyOWE1NmE0ZDQ3MzY1Mzk2OTdiYzE1ZjgyNmY=&adblck=false&abwl=false&px=535&py=11087&vpd=9887&cw=865&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000902&sig=kO6C5lSo&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 507dc4230c89d72e96277d883568f4149aaa15631d45f819700a25db5d3eeda0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1664710028.863616,VS0,VE106
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21966-LGA, cache-hhn4020-HHN
x-traceid: f41d618b892b6277ddde4944758186e9
accept-ranges: bytes
content-length: 4500
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4EE5 15 KB
6 KB 8ms
7ms Document
text/html 23.35.228.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=78153
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:07 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Mon, 03 Oct 2022 09:09:40 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
unused62: 8096267
vary: Accept-Encoding

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame EE78 2 KB
1 KB 19ms
19ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 08:34:24 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1664356302.028467"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sun, 02 Oct 2022 15:27:07 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 639B 2 KB
1 KB 19ms
19ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 08:34:24 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1664356302.028467"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sun, 02 Oct 2022 15:27:07 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame CD48 2 KB
1 KB 19ms
19ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 08:34:24 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1664356302.028467"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sun, 02 Oct 2022 15:27:07 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame AEFD 2 KB
1 KB 19ms
19ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 08:34:24 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1664356302.028467"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sun, 02 Oct 2022 15:27:07 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 3FC2 2 KB
1 KB 21ms
20ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 08:34:24 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1664356302.028467"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sun, 02 Oct 2022 15:27:07 GMT

GET
H2

200

Yzl1jET6kH7tABQbQ-Cl4QAA%261178 Show response
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 66D8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yzl1jET6kH7tABQbQ-Cl4QAA%261178

0
779 B

33ms
33ms

Document
text/html

104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yzl1jET6kH7tABQbQ-Cl4QAA%261178
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 753d164baa34910c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:08 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 753d164b5e04bba3-FRA
content-length: 0
date: Sun, 02 Oct 2022 11:27:08 GMT
expires: 0
location: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yzl1jET6kH7tABQbQ-Cl4QAA%261178
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YbtH00woexQIFw0SLb1agEUwVj6Rw2mxkV13RrRK9TBd3WZPme6eXvhXvh%2FtTQYy2gknp%2B40fqM96wsN4mYkI9Li%2BirJuLTDAJjifGuYi3ij2d%2FloNW4v0Kcocle9REaI%2BI1DMNW%2BDKRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 4EE5 2 KB
3 KB 62ms
18ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26344436&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1f852beec0ef79849b44b661efde74bbbac0ec04e4db6126dd965e1a33daf302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK pixel
amplify-imp.outbrain.com/ Frame EE78 43 B
256 B 435ms
93ms Image
image/gif 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-V_ftJhThHwZ4gxVO4i0Kh0hYAvoSeT3NciW79NMnBSA0eLXat9MezuGl7ySAmD2FfjYCzjTkAgSaFZ3JV7kMvd2zigDctOnQGFA_-u5EpIppaKvxQyqVusZMXnjRle-9Zi1del0H6gLL-0DtQNJ_i4C_EsuW2ulxNEp4_ZilM1EKlFEkp8u7WbnRxA8M6mbHTMGO_G88TBtZjbAl5a5Z14zbz-QrIlsi8Xq0PDwfwl9HRT37erxye9578RvFkJUOYkSVoEKFiopPpSkwAi-C_JvIRj8AmZc0jD9FyIbKHqgkrue2KQ_2lsHFs402laXRnyrdwONm4wsOKG2f5LoufZ5Fb-6I6kVCxwbDXk0G-LEzr8BZQJg3fa6K6s-DGzv_pCetg8Rc5hllit-oq7oZTkrBvaWgjuFf98rAHnnL4vGI7dJvmzYtRqkpgScLnAhgAkqz7LhuchlZfEL_ceqz6imhJCSQ9WjOrDlDYevm5E_Qebh5NmAl7tJCG8PPSCHkfHXYp5AlhanSKy5CkmGNDsQw8t8hz2sx7DB81A9EHWh4LtY6vaMCTlY7xUwZgx6I4fIMRvOfEutT6-S0eYCepj4ggdNMGHMXys7GT4KvxwkW1gZ2vCiUF7C5FwhkCu76w6aVqyveAYZGN29wBN_u3kFMqF43gNSfVqvd9NEgQXAiUlfNB6J5aELA7R3CQ63IsRLK5hwK4UML6nXlITp5g4D8_T8byHZMqovzKoNhdV0bYwlBs-sLfzvIlFft1bT90XXh_BTvCfKUkRzvo_14SldkrmGNbILEzfDdZzsUoFh76pNMN3urIm9sdOrDw_LcK5gUwjDpJhAuFWSULQM6OO-4A3ZOl08Bz550nPnrf1IkQhX5nzUG1drIQCSdk7NRHwrTX7OnkHNwDIu8xxi_nbrp4Myn2wD3XSqGNFttNWOYiaCcRpMxG7LlNDN7YriROGpJUNde4H-fKM3CmRsoiwJ9pkJUDYiczpXFKXRt1nx7TkYqiNMk2PpAQ0ynFkUyl8b3pMXWXe1Dv1vjSoBmmlDH7b0TcrjnWP573gcrYEpM45MDAym8epFuYzHE9Use_ut6vgCtp__l7nDOKK39V0YXibH3Xb3pplBFOwwki6VxS7xEarvqJtdKDSZR-OZsZMvHn9HyNr_Hl23JV8FaJRTIxl4qEHGbss-g80UoXz17Y2VIY83RTCrteEsdb8yjREG-DgzEuQVfwILKdi0WeS7Fbgn2NtDN8fDc1nzxR6V_X_jHNlc2NWFao_Ymb1HTfE83eHPGhCGmO3xtTiDyEU1hEIUd-a_2D_nW4rrq0ihXaqmFEqusw2lCbVoTP82iFxpl7gg6X3Td3FySP6ooNZtPo4sr5gKEuNW6zMpWcsnuwmzEFyE36rWIAx8F4R4bHvuT7sz1rQAoMYgP6UIaQDkiEByFCtgG1a37ve6EfrX1hRSBvwzyYLTuJrXOhqZJzaCB4Ivq4hpFo0q-QmbREZ84Qem4g3VytDe9CvgyXskbnwLnd8MUuhhRTgb1poac_PjC4_jcmmtMUhkWbVLEHq_g7r1uVvwhdGhQwLEqFZQkbghF-HGNdBxGOSXeh_VYu833CEOixX3Y5uGSvBqiIR4&c=5e276cff&v=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 11:27:08 GMT
Cache-Control: no-cache
content-encoding: gzip
X-TraceId: f0f3ec5d91172d366d7dcc037188b420
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK outbrain_bid
ghent-aws-fr.bidswitch.net/win_notice/ Frame 639B 43 B
168 B 225ms
8ms Image
image/gif 3.120.212.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ghent-aws-fr.bidswitch.net/win_notice/outbrain_bid?rid=8MQYqtB6E7_UaYBBWxPamzXr9mWVNoo3maX-rzqlR1obrW0XBgoIxyYGL6tgUTbaquR3uct6zso6537ZkqsWjwvsOxnMOtPWC7yTbvnn68u7QJIWfhPHcy0kRbaG-pIVKYMA7OJqcGaNCh1nhDbfQNM64HFLbMlhdn-21Sm79W-1DDJBJK5PeFA2tO6RHQIMhYq2RnoKzoJb9jEZEoJ-ROzTXjJ76a_WUP9FrlL_qfbupiTZyL40oHsYIoueJPZJEW5i68bftEhNRdqAa4UJ1XLej2-fHPIC0AztRP6GIMZIrnlWa8hAPe6dZASt_UiJq8pbChStF2DEXL4_8m0fHy2nTqI4o4DRjKit-2Se0Annv2_zihPk7cWVmh_0F8NZWDDoHiHIz9SnTKsHgpvEycO8vfzI6AyAj4wdsxSwrMPQ1M_ceqljf4PGsI5DJrunXwqyde9Hzh2fTw8RpBBpyLA-Z4CFNp854N2gJSGN1AwchblUr_PtrsPVEhNpvnapvKPgivQpoiZfycMwHGWIqy9yXFFLA2y90RjgqYh8g7PaCwPzvKMO5dIO762JDG5ZjjSil7yQOeaKjlonXwx93_g4KNQTkbDO5eHGbGVudu-Or4Nv-i76WrJXcW3s7PTGimp78URHdtJnNyQYhyU2I8YZdvtgzGL4TD0ykZppHQLuExvP7-Fvksh0Q-Reo45ek-HQAMrII99f7mdUHbHW9tqDKGwKbqlqeRShHxtJkE2lCYl5oLom2iddfA3qZmFprgLympyIsVgJI1Wz0tsYwtbJ4froQXK3na-B3heQYohTaW1P14kYOQalgQR6wlf--xtruq1cDlVVlepEo3g9vKA6o6I-FbG9TlYb3oZJmohdpisa3E6cECPaUjexBosPD45FynsML5z9ibT6Ex0N_fwloGZiBdYBUvwQlgMgsxfmV5vgfoRLgeUCPTw7qJ-D5XYx6G3M4ic0DYX5xbJUxTCmbOOqE3Eqm6pQLYznuRwQDeuR3FgMhwojxh9Mu7ssxwitdLZZq2jB3tIhSPF4S93pa5scB4EdfMh6DB8S4FF03SBhAWs2n9eY_xWN5ABP1KRA_Tz-VkZ7gWQh1gJPMDM5_sKwv1DXFsX9udKLbsp3ptNDOPwMSOsgSfBrvswS9UzaBFztrmy3P6HnLDv6xyuf2GnqV7_JAjVqdp3Gj0kSHiJj6WxTToT_D16oYKXNBM9SsuBZ3ImJaKzoOsyg87vb2qYIMkLe18Z1cldvFDu1hUptfHKE3bpk4MrAONUFnes1K4uKxq6b48g5a5DTrqcv6hONariCg9nPvwvoSPkrZskGcldOeRVqRcdhUWZCKciem365Vp6ioX6senYs4opZdK4HYaRsge_ovuBpQKqj2Be5puyvKNGvlknAJJ7KTzAxNt8WN8YdTtBtkNU5WcV6yuY-RydpAbCdQurTaiJRHpDpBHXEGrrEBK-cCYEcm2IMrlzHPXJ8oejb63wR7RLab3ZaaaRGd5wdhujlAuHqkm847186gJMPpEyJVm1-xd16efHQ1IlvfWV9g_CsRYq88qnoXv8X2WAN2WzhbEjZ0ANvryw10cJwsZFs5Std8oZLIIn14puBO7eaNvRng8bHfT9cf2oJ9uMLBASMir4ZZqdh09psfupCuOdBYGpTwNZIMsa6_4D-wYZJZnvdTJeH477sL_GjxjU&p=0.0866&aid=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.212.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-212-74.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 11:27:08 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

winnotice
track.adform.net/rtb/ Frame CD48
Redirect Chain

https://ghent-aws-fr.bidswitch.net/imp/0.0866/BSWhttps_A_B_Btrack.adform.net_Brtb_Bwinnotice_Cbn_R56167187_Jwinparams_RatC4npiLmPtxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7...
https://track.adform.net/rtb/winnotice?bn=56167187&winparams=atC4npiLmPtxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmjmzJ-K_u...

0
190 B

19ms
19ms

Image
text/plain

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/rtb/winnotice?bn=56167187&winparams=atC4npiLmPtxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmjmzJ-K_u3LHcSmlXIxxc_dpCBKuUw0J-68SsLM8zYASHXpd1pXYL-dvbRfqtQqpqndjY050x8ETxUnrGW1eJ_QO8_7rsP1jj0&rtbdata=JM0MzCoBr3psAvogrZU3fGsMJauYuieMeqlQ3xll4Le8ZXHPlvdrTrQSuH5_hfCmh16XdaV2C_nb20X6rUKqap3Y2NOdMfBE09ozZztfyqi3BUbtRNhHAAFeFsp3Z4bOR5uKsSGXkli9_k8A9TkUmSmgMgmJ06dLVpryJusTa0FodOxc2CfdQw2&rtbwp=0.092662&adfrnd=1466876707

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Oct 2022 11:27:08 GMT
cache-control: private
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

Redirect headers

Location: https://track.adform.net/rtb/winnotice?bn=56167187&winparams=atC4npiLmPtxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmjmzJ-K_u3LHcSmlXIxxc_dpCBKuUw0J-68SsLM8zYASHXpd1pXYL-dvbRfqtQqpqndjY050x8ETxUnrGW1eJ_QO8_7rsP1jj0&rtbdata=JM0MzCoBr3psAvogrZU3fGsMJauYuieMeqlQ3xll4Le8ZXHPlvdrTrQSuH5_hfCmh16XdaV2C_nb20X6rUKqap3Y2NOdMfBE09ozZztfyqi3BUbtRNhHAAFeFsp3Z4bOR5uKsSGXkli9_k8A9TkUmSmgMgmJ06dLVpryJusTa0FodOxc2CfdQw2&rtbwp=0.092662&adfrnd=1466876707
Date: Sun, 02 Oct 2022 11:27:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 /
track.adform.net/serving/event/ Frame AEFD 35 B
295 B 97ms
21ms Image
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/serving/event/?bn=56167187&event=179&rtbdata=JM0MzCoBr3psAvogrZU3fGsMJauYuieMeqlQ3xll4Le8ZXHPlvdrTrQSuH5_hfCmh16XdaV2C_nb20X6rUKqap3Y2NOdMfBE09ozZztfyqi3BUbtRNhHAAFeFsp3Z4bOR5uKsSGXkli9_k8A9TkUmSmgMgmJ06dLVpryJusTa0FodOxc2CfdQw2

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

ztpv.php
www.conrad.de/ Frame 3FC2
Redirect Chain

https://www.awin1.com/cshow.php?s=2470167&v=11354&q=377133&r=300627&pv=1&viewref=native
https://www.zenaps.com/cshow.php?pvr=263f6960-4245-11ed-85db-22335d251430&v=11354&r=300627&q=377133&s=2470167&viewref=native&pv=1
https://www.conrad.de/ztpv.php?awc=11354_300627_1664710028_263f6960-4245-11ed-85db-22335d251430&insert=AW&&gdpr=&gdpr_consent=

0
292 B

206ms
55ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_300627_1664710028_263f6960-4245-11ed-85db-22335d251430&insert=AW&&gdpr=&gdpr_consent=

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
via: 1.1 varnish (Varnish/6.6)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 935756083
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=54e14752630e6624
cf-ray: 753d164e787cbbbc-FRA
expires: -1

Redirect headers

Date: Sun, 02 Oct 2022 11:27:08 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_300627_1664710028_263f6960-4245-11ed-85db-22335d251430&insert=AW&&gdpr=&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 94ms
94ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=ce6eceb6bfd4ebf73596093110874970_1769_1664710027923&tm=1863&eT=0&widgetWidth=865&widgetHeight=44&widgetX=535&widgetY=11146&wRV=2000902&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=116&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Oct 2022 11:27:08 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: 2222e516d08c0c3ab5ba846542800183
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

POST
H2 200 events Show response
khn.crowdad.io/ 0
104 B 46ms
45ms XHR
text/plain 63.32.245.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/events
Requested by: Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.245.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-245-11.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Sun, 02 Oct 2022 11:27:08 GMT
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 events
khn.crowdad.io/ Frame 0
0 29ms
28ms Preflight 63.32.245.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.245.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-245-11.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.walla.co.il
content-length: 0
date: Sun, 02 Oct 2022 11:27:08 GMT

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000902/module/ 503 B
811 B 19ms
19ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000902/module/singleAnimationOnFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9492a9a61386b1a6c0a061fff5f1f2ea56fc34b8b05e62d6fd8941fd6ccde457

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
last-modified: Wed, 28 Sep 2022 08:34:27 GMT
server: AkamaiNetStorage
etag: "9a0271bbf957b4aba127a804f9d1dbd3:1664356207.560225"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 503
expires: Sun, 02 Oct 2022 15:27:08 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 94ms
93ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=37c7e0d4f1e2e3d8b2b447372fb32aea_1769_1664710027916&tm=1892&eT=0&widgetWidth=282&widgetHeight=200&widgetX=209&widgetY=1260&wRV=2000902&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=143&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Oct 2022 11:27:08 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: 3ec025918cf1fc46d5c7af094f05ecf7
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 90A9 0
0

GET obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8A2F 0
0

GET obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame CC51 0
0

GET obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame B519 0
0

GET obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 0E8A 0
0

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7FB6 361 B
583 B 18ms
18ms Document
text/html 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sun, 02 Oct 2022 11:27:08 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sun, 09 Oct 2022 11:27:08 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 479D 361 B
583 B 19ms
18ms Document
text/html 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sun, 02 Oct 2022 11:27:08 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sun, 09 Oct 2022 11:27:08 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 6004 361 B
583 B 19ms
19ms Document
text/html 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sun, 02 Oct 2022 11:27:08 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sun, 09 Oct 2022 11:27:08 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame BE12 361 B
583 B 19ms
19ms Document
text/html 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sun, 02 Oct 2022 11:27:08 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sun, 09 Oct 2022 11:27:08 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 3522 361 B
583 B 26ms
24ms Document
text/html 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sun, 02 Oct 2022 11:27:08 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sun, 09 Oct 2022 11:27:08 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 88 KB
20 KB 886ms
885ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPC&key=NANOWDGT01&version=2000902&apv=true&sig=kO6C5lSo&format=html&rand=12501&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=YWY5NGIyOWE1NmE0ZDQ3MzY1Mzk2OTdiYzE1ZjgyNmY=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=3&lastIdx=4&lastCardIdx=0&fAB=11741-0&layeredTestInfo=11741-0-&dpr=1&cw=865&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000902/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0fc18ae340c578b9e1de7e2478f42f0b7f194c0bed55247b789713e12b07213a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 02 Oct 2022 11:27:08 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1664710028.027282,VS0,VE876
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21965-LGA, cache-hhn4020-HHN
x-traceid: c12c3b498e6c624adda0598747672dca
accept-ranges: bytes
content-length: 20156
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 49ms
32ms XHR
application/json 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221002

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7d05c6e2a8b56dd34488102a008c4606f7ec6d6694944381b2507b8e2d10c315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 02 Oct 2022 11:27:08 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 30371
x-jsd-version: 1.0.1480
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 887
x-served-by: cache-fra19153-FRA, cache-hhn4081-HHN
x-jsd-version-type: version
etag: W/"66b-W3SV49gnnjOX1vpRp2Aa15JmeAg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
868 B 55ms
22ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
x-amz-version-id: 1664182876788516
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txf5cf154e0392457a9b96f-0063316a9c
age: 527088
x-amz-id-2: txf5cf154e0392457a9b96f-0063316a9c
last-modified: Mon, 26 Sep 2022 09:01:16 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiIG2pqQX0stjey2YtUyZwkX2MYHVCWBUnbIb3ocrweoaQxnx3QQ6s0grDobTFCgpMyjF6uelOU8hlMNAaUhc%2Ft4tEF%2FiHstgJoPC87VFtCdS3h%2FQYwx4EUJBKbEBk8v82oMDdP2XWkOEdlC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 753d164b9b8692a8-FRA

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
362 B 58ms
16ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 85ms
46ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=25402929468

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 82ms
69ms XHR
text/plain 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 753d164b8a11910c-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 74ms
62ms XHR
text/plain 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 753d164b8a13910c-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
67 B 67ms
55ms XHR
text/plain 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 753d164b8a14910c-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 68ms
56ms XHR
text/plain 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 753d164b8a18910c-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 13 KB
7 KB 109ms
109ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-35-158-204-42.eu-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

5ab5d5acdf8f6b0bd871d8deff081e47491223f63980620a0ab230efabc525c7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 02 Oct 2022 11:27:08 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 071802fe-4bc2-4b24-9342-3a5e3b49d877
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
647 B 94ms
33ms XHR
application/json 72.251.249.13
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 560cbe0fea8475dc2b1e3829c36e7a3c559be21434f476219e4f5c121b3be6d4

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 02 Oct 2022 11:27:08 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.walla.co.il
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 416 B
1 KB 185ms
125ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=6c8be40c-9668-4193-a199-2c697db8382f&l_pb_bid_id=28237d2cde493a3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.5361676360767078
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6879fca8a9f980cd3bc02cbdddaf662a118569a596746634e72beaeae4509fdf

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:08 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.walla.co.il
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 416
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 402 B
1 KB 123ms
63ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=e8d89520-dac6-43f2-b471-85601090c5da&l_pb_bid_id=29b842a0829d4b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.3418145224106657
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5d96b8bd0e30fb2b221e06a30706693aec7c95370cbccd07eb39a8abbb329a3c

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:08 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.walla.co.il
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 402
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 398 B
1 KB 117ms
56ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&tk_flint=pbjs_lite_v6.29.3&x_source.tid=ea144d89-4055-4e64-90f9-b6911e01c4d4&l_pb_bid_id=308ed8162bcfaf8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&slots=1&rand=0.8803386984490027
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4fa7238307f7bab9921c8141f99fd5d8819269e10b45ba07b4c07c9c029b7fd0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:08 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.walla.co.il
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 398
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 409 B
1 KB 168ms
107ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=3422906a-9c20-4d98-8783-236ebf60654c&l_pb_bid_id=3162c4eca8bc82d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&slots=1&rand=0.4453441821360733
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 222b4bb16958cfa3e29b9143fd2c400d4384ca8c2c29b5d504ec3a96b915c3eb

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:08 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.walla.co.il
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 409
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
507 B 260ms
212ms XHR
application/json 35.158.204.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.204.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
accept-ch: user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 57 KB
14 KB 246ms
232ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

5730751b1981d11ec109c56eb8e0bee4aceaa83be51f8a70f7d3094ab3f6b5a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 02 Oct 2022 11:27:08 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 248cd80a-a63b-4762-9793-d33061df03a9
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
499 B 101ms
70ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31be80d66cda5df586b69c32751c10f65ac8ac26dd5975b049bcf8acac813fc5

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 753d164bcb4f9104-FRA
expires: 0

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
569 B 81ms
53ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=715831&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2248bd9c5704448c1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22domain%22%3A%22walla.co.il%22%2C%22publisher%22%3A%7B%22domain%22%3A%22walla.co.il%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A5%2C%22msi%22%3A5%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249255f627f0316f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%7D%7D%2C%7B%22id%22%3A%22511cd0d5862889c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%7D%7D%2C%7B%22id%22%3A%2252130dd9ea8dc71%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%7D%7D%2C%7B%22id%22%3A%22533b9fb668857bd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valuad.io%22%2C%22sid%22%3A%2215113%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a448d1d6bc6a9d23f85c4d833d47b6eba3479fe9338aae85bdecffd1b2ffd232

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhIqFogc7cyWI4jGJVDbUK%2BYLW3%2F0QIMU1%2B6QdoAi4Kav%2Bzomv9lFsqGtQ8G6mNK0jTga%2F0KZGqup6i6sI1jNRi7vjXI3uPXzHDCQJzVBwamU3WLS9eok8IPBLIB191Jsnqk0%2Fol"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 753d164bcae4bbdf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 arj Show response
u.openx.net/w/1.0/ 73 B
378 B 94ms
22ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.walla.co.il%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6c8be40c-9668-4193-a199-2c697db8382f%2Ce8d89520-dac6-43f2-b471-85601090c5da%2Cea144d89-4055-4e64-90f9-b6911e01c4d4%2C3422906a-9c20-4d98-8783-236ebf60654c&nocache=1664710028097&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=120x600%2C160x600%7C300x250%7C300x250%7C300x250&divids=adSlot-2%2CadSlot-4%2CadSlot-5%2CadSlot-7&aucs=43010785%252Fwallanews%252Fmain%252Fskyscraper_desktop%2C43010785%252Fwallanews%252Fmain%252Fyad2_rectangle_desktop%2C43010785%252Fwallanews%252Fmain%252Fshopping_rectangle%2C43010785%252Fwallanews%252Fmain%252Fsport_small_rectangle_desktop&auid=544104782%2C544104782%2C544104782%2C544104782
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 7cd54757f6878501624365ad73604e7a494fbf41fd4435521711364a7d0ccf37

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.walla.co.il
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 124ms
19ms XHR
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:07 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 122ms
18ms XHR
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:07 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 124ms
19ms XHR
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:07 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 123ms
18ms XHR
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:07 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
170 B 54ms
14ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Sun, 02 Oct 2022 11:27:07 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://www.walla.co.il
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 501ms
52ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Sun, 02 Oct 2022 11:27:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK / Show response
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 12 KB
6 KB 214ms
142ms XHR
application/json 213.227.153.221
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce14.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 08eec20fa14ece31f2d8d3fb4f518bb97136227f305cddd711121a456c194c50

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.walla.co.il
Date: Sun, 02 Oct 2022 11:27:08 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 116ms
18ms XHR
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:07 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 116ms
19ms XHR
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:07 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 135ms
18ms XHR
application/json 185.86.138.123
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.123 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:07 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 16 KB
7 KB 129ms
90ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F&PublisherDomain=walla.co.il

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

5412ae462469652806f14a5646cd2b525510af6d47c0779875db8a69ef0ce291

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 73
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 121ms
48ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 114ms
46ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
18 KB 485ms
483ms XHR
text/plain 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1831061958089898&correlator=4370010800060306&eid=31068501%2C44761477%2C31068356&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cnickbar_desktop%2Ctop_desktop%2Cpremium_rectangle1_desktop%2Cdontmiss_strip_desktop%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18&prev_iu_szs=1200x40%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C300x200%2C320x50%7C865x190%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&fluid=0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&adks=1750305995%2C885339185%2C2822717126%2C3185403617%2C581680297%2C3350566118%2C627877340%2C4035892786%2C2413266993%2C3423946703%2C941261747%2C3384287594%2C2655517678%2C199863102%2C41169729%2C2603141497&sfv=1-0-38&ists=4095&fsapi=false&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm2_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm4_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm5_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm6_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm7_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm8_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm9_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm10_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm11_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm12_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1664710028129&lmt=1664710028&dlt=1664710025328&idt=346&adxs=200%2C920%2C200%2C535%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800&adys=1200%2C20%2C1192%2C2789%2C11339%2C11339%2C11339%2C11339%2C11339%2C11339%2C11339%2C11339%2C11339%2C11339%2C11339%2C11339&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x-1%7C1200x0%7C300x0%7C865x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&msz=1200x-1%7C480x0%7C300x0%7C865x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=644%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132&ohw=0%2C1200%2C300%2C865%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1337039213.1664710026&ga_sid=1664710028&ga_hid=619783834&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

cafe /

Resource Hash

d7efd4498236fbb77551acddefddaf59dfa5729e34e0000371350a25df8a7846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18106
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3589 6 KB
4 KB 179ms
15ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:08 GMT
expires: Mon, 02 Oct 2023 11:27:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7FB6 2 KB
1 KB 20ms
19ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 08:34:24 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1664356302.028467"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sun, 02 Oct 2022 15:27:08 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 479D 2 KB
1 KB 19ms
18ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 08:34:24 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1664356302.028467"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sun, 02 Oct 2022 15:27:08 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 6004 2 KB
1 KB 35ms
35ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 08:34:24 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1664356302.028467"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sun, 02 Oct 2022 15:27:08 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame BE12 2 KB
1 KB 30ms
29ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 08:34:24 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1664356302.028467"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sun, 02 Oct 2022 15:27:08 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 3522 2 KB
1 KB 20ms
20ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
content-encoding: gzip
last-modified: Wed, 28 Sep 2022 08:34:24 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1664356302.028467"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sun, 02 Oct 2022 15:27:08 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 4BF5
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6

35 B
468 B

20ms
20ms

Document
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sun, 02 Oct 2022 11:27:08 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Sun, 02 Oct 2022 11:27:08 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 9569 43 B
364 B 58ms
17ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:07 GMT
expires: Sun, 02 Oct 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1066308
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame AFC7
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2626054664376082177

0
74 B

13ms
13ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2626054664376082177
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 11:27:07 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2626054664376082177
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 39A1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b32a6339-758c-4d00-b7ec-6f8554e7664f&gdpr=0&gdpr_consent=

0
74 B

19ms
18ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b32a6339-758c-4d00-b7ec-6f8554e7664f&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 11:27:08 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sun, 02 Oct 2022 11:27:08 GMT
Expires: Sun, 02 Oct 2022 11:27:07 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4525 e1952b7 master cdg-pixel-x16 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b32a6339-758c-4d00-b7ec-6f8554e7664f&gdpr=0&gdpr_consent=

GET
H2 200 ABA4E9BE-9366-46AF-8704-5C27B54DA2E6 Show response
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 3E0B 0
616 B 44ms
42ms Document
text/html 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/ABA4E9BE-9366-46AF-8704-5C27B54DA2E6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 753d164c8c0c910c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:08 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4EE5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=q6TpvpNmRq-HBFwntU2i5g%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

7ms
7ms

Image
text/html

23.35.228.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 02 Oct 2022 11:27:08 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=UTF-8
cache-control: max-age=78152
accept-ranges: bytes
content-length: 5549
expires: Mon, 03 Oct 2022 09:09:40 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 4EE5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1b746339-758c-4a00-b058-70bfc4850e28

0
179 B

96ms
13ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1b746339-758c-4a00-b058-70bfc4850e28
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:07 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sun, 02 Oct 2022 11:27:08 GMT
Server: MT3 4525 e1952b7 master cdg-pixel-x34 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1b746339-758c-4a00-b058-70bfc4850e28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 02 Oct 2022 11:27:07 GMT

GET
H/1.1

200
OK

pixel
ps.eyeota.net/ Frame 4EE5
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=1bf55afce99a6bd5696fd7538a1b5926&gdpr=1
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c3511831b9ca450a/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=c3511831b9ca450a/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent=${gdpr_consent}
https://pixel.onaudience.com/?partner=190&icm&cver&gdpr=1&gdpr_consent=${gdpr_consent}&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3D${gdpr_consent}%26pid%3D3b2cb90%26t%3Dgi...
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=3b2cb90&t=gif&uid=cc5f7980b35024e5

0
344 B

46ms
8ms

Image
text/plain

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=3b2cb90&t=gif&uid=cc5f7980b35024e5
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: HTTP/1.1
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 11:27:09 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=3b2cb90&t=gif&uid=cc5f7980b35024e5
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 4EE5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUJBNEU5QkUtOTM2Ni00NkFGLTg3MDQtNUMyN0I1NERBMkU2&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

0
74 B

75ms
16ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 11:27:07 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 4EE5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDOXfoOxbHOrCxBvh4OLiKY&google_cver=1

0
74 B

75ms
16ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDOXfoOxbHOrCxBvh4OLiKY&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 11:27:07 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDOXfoOxbHOrCxBvh4OLiKY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 4EE5 43 B
610 B 96ms
29ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 01 Oct 2022 11:27:08 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 4EE5
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6653584868059426744

0
225 B

82ms
19ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6653584868059426744
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 11:27:07 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6653584868059426744
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4EE5 70 B
265 B 131ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 4EE5
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7541192142968515385&gdpr=0&gdpr_consent=

0
225 B

109ms
15ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7541192142968515385&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 11:27:06 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:08 GMT
AN-X-Request-Uuid: 53e4123a-2ab6-45d4-b97b-3f0867e6a9d0
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7541192142968515385&gdpr=0&gdpr_consent=
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 4EE5
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qC12AKkrfVqzKiMJqytoAf98cA-zfXBa_SnlCIkW

0
74 B

67ms
16ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qC12AKkrfVqzKiMJqytoAf98cA-zfXBa_SnlCIkW
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 11:27:07 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qC12AKkrfVqzKiMJqytoAf98cA-zfXBa_SnlCIkW
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame 92C7 4 KB
2 KB 45ms
41ms Document
text/html 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Fghent-aws-fr.bidswitch.net%2Fimp%2F0.0866%2FBSWhttps_A_B_Btrack.adform.net_Brtb_Bwinnotice_Cbn_R56167187_Jwinparams_RatC4npiLmPtxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmjmzJ-K__u3LHcSmlXIxxc__dpCBKuUw0J-68SsLM8zYASHXpd1pXYL-dvbRfqtQqpqndjY050x8ETxUnrGW1eJ__QO8__7rsP1jj0_Jrtbdata_RJM0MzCoBr3psAvogrZU3fGsMJauYuieMeqlQ3xll4Le8ZXHPlvdrTrQSuH5__hfCmh16XdaV2C__nb20X6rUKqap3Y2NOdMfBE09ozZztfyqi3BUbtRNhHAAFeFsp3Z4bOR5uKsSGXkli9__k8A9TkUmSmgMgmJ06dLVpryJusTa0FodOxc2CfdQw2_Jrtbwp_R_I_WAUCTION__PRICE_X_Jadfrnd_R1466876707%2F8MQYqtB6E7_UaYBBWxPamzXr9mWVNoo3maX-rzqlR1obrW0XBgoIxyYGL6tgUTbaquR3uct6zso6537ZkqsWjwvsOxnMOtPWC7yTbvnn68u7QJIWfhPHcy0kRbaG-pIVKYMA7OJqcGaNCh1nhDbfQNM64HFLbMlhdn-21Sm79W-1DDJBJK5PeFA2tO6RHQIMhYq2RnoKzoJb9jEZEoJ-ROzTXjJ76a_WUP9FrlL_qfbupiTZyL40oHsYIoueJPZJEW5i68bftEhNRdqAa4UJ1XLej2-fHPIC0AztRP6GIMZIrnlWa8hAPe6dZASt_UiJq8pbChStF2DEXL4_8m0fHy2nTqI4o4DRjKit-2Se0Annv2_zihPk7cWVmh_0F8NZWDDoHiHIz9SnTKsHgpvEycO8vfzI6AyAj4wdsxSwrMPQ1M_ceqljf4PGsI5DJrunXwqyde9Hzh2fTw8RpBBpyLA-Z4CFNp854N2gJSGN1AwchblUr_PtrsPVEhNpvnapvKPgivQpoiZfycMwHGWIqy9yXFFLA2y90RjgqYh8g7PaCwPzvKMO5dIO762JDG5ZjjSil7yQOeaKjlonXwx93_g4KNQTkbDO5eHGbGVudu-Or4Nv-i76WrJXcW3s7PTGimp78URHdtJnNyQYhyU2I8YZdvtgzGL4TD0ykZppHQLuExvP7-Fvksh0Q-Reo45ek-HQAMrII99f7mdUHbHW9tqDKGwKbqlqeRShHxtJkE2lCYl5oLom2iddfA3qZmFprgLympyIsVgJI1Wz0tsYwtbJ4froQXK3na-B3heQYohTaW1P14kYOQalgQR6wlf--xtruq1cDlVVlepEo3g9vKA6o6I-FbG9TlYb3oZJmohdpisa3E6cECPaUjexBosPD45FynsML5z9ibT6Ex0N_fwloGZiBdYBUvwQlgMgsxfmV5vgfoRLgeUCPTw7qJ-D5XYx6G3M4ic0DYX5xbJUxTCmbOOqE3Eqm6pQLYznuRwQDeuR3FgMhwojxh9Mu7ssxwitdLZZq2jB3tIhSPF4S93pa5scB4EdfMh6DB8S4FF03SBhAWs2n9eY_xWN5ABP1KRA_Tz-VkZ7gWQh1gJPMDM5_sKwv1DXFsX9udKLbsp3ptNDOPwMSOsgSfBrvswS9UzaBFztrmy3P6HnLDv6xyuf2GnqV7_JAjVqdp3Gj0kSHiJj6WxTToT_D16oYKXNBM9SsuBZ3ImJaKzoOsyg87vb2qYIMkLe18Z1cldvFDu1hUptfHKE3bpk4MrAONUFnes1K4uKxq6b48g5a5DTrqcv6hONariCg9nPvwvoSPkrZskGcldOeRVqRcdhUWZCKciem365Vp6ioX6senYs4opZdK4HYaRsge_ovuBpQKqj2Be5puyvKNGvlknAJJ7KTzAxNt8WN8YdTtBtkNU5WcV6yuY-RydpAbCdQurTaiJRHpDpBHXEGrrEBK-cCYEcm2IMrlzHPXJ8oejb63wR7RLab3ZaaaRGd5wdhujlAuHqkm847186gJMPpEyJVm1-xd16efHQ1IlvfWV9g_CsRYq88qnoXv8X2WAN2WzhbEjZ0ANvryw10cJwsZFs5Std8oZLIIn14puBO7eaNvRng8bHfT9cf2oJ9uMLBASMir4ZZqdh09psfupCuOdBYGpTwNZIMsa6_4D-wYZJZnvdTJeH477sL_GjxjU%2F%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e74aad7eedeb94eab0fbb3d4435ff67c95dee259361fd21effd45bcd64424c24

Request headers

Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 1602
content-type: text/html
date: Sun, 02 Oct 2022 11:27:08 GMT
etag: "9e7d58ad34c85761770fc947d9bee792:1617096471.391057"
expires: Sun, 09 Oct 2022 11:27:08 GMT
last-modified: Tue, 30 Mar 2021 09:27:46 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H/1.1 200
OK pixel
amplify-imp.outbrain.com/ Frame 7FB6 43 B
256 B 176ms
94ms Image
image/gif 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-V_ftJhThHwZ4gxVO4i0Kh0hYAvoSeT3NciW79NMnBSA0sQJNbnMGYWE5VB1EQ2nLqM131xymtMJsf0cGWhU4NfnmIAHm30t4ckK44nNbE_Kf4Y8l007AsZZ5-2JySCcEzGqf6KvgnhYr3mhErxTVzQ5jXJthD4UDZ7DM1qs8ftoLkbDig5FIx6qUdwmAkejIaf5dMlMhNcAxdiP25k9bTIcQg0ZDJ4jIzQP86dupJ696SWkZphcc9pvFkKBUREdFde32zsJ9cEyu-Pvkgw9WYNsPJmhrhphG_Ntiy2A9O2Z0k2tEkmkM2UaXgiHEWcMZTivhaeDhhH5YznDEBXtmVEeMVuaK1FBfDgKw7Z3S1FnrLwccthzBHj-Ufh7YlzzO3xcyFbOKgzcsDUX6JUV4IzxAE6rnZ7YXNI9lykBAs9IajaHHnXstOGQ4mkAmBQvDrBnnnLxMfYznwY2ViK2D4XeYBluf6RjCo0JRzFz4vnItLBxYgzS7gTDI9WaGjO9baYprGTzrcEmrVQxbBLJ4IWRQ1WD4gvohXqgHlt1KMZZES3OxRfO0VcWNVlwnT_QhABkyxEDoRobwV0ypGBBSUx6RCDFOqFkNXr4xrAj6qDJjQ6VnIiG-y1x9qIx2dx7P6g0NpVF-_b_w08N3UJboSE0QOyRclmb4_xuZUKIhbA6p94sNmfn3APvFF9l1VC3SC4gxt5rQx6eZgefHG3D5EmrPB4M1y2nvhtOtonbh6R5JJIUyjCMvih5sadYFU1mGGznxQoYs95aTPKNykIrgT_JyQ63AVbdlcbtXxp9PsL-z47o9coDia1csH9fRYbfhlWvyemkaP_dYt2NaC-jfhaykZQky519uZpV2gThb_2SW5Uzgm-974OJslj1Ohi0rluLYHB64pG4ht1VIF3plb8nk4qXeB4GXIli1vU7bOZiUyezSclSBDXOlPzF-vs3O2TOirBV-0FNGRhQy2FAJjCyXEk1UdxZLuCyL40uK1UN-25Zex-R0n3PniInSaHwkJpZeUShyQJrmnF_9G9KTng3CSDoPhTAHgtdKfeljkiW0Sft2-LC0Kq0xqDA4UxdDbQ5UzhwSzdgLJcMBrQTQYL9fKS7lOmqJ6hafbX1eTfUj7ornD6hHS6t-K9x8eXc4Ngi2ES-TJH5f4OrO9BMFyci8EvVt24fmJCcVjgee8FhGWqN5HejK2Bk_xehC3i7a7ti6eGHHRSYd77KljKEbaS5F8pUiHB575qPFAwunjWs8OiL1R5dKjDZy1jLkfqN_Ey1Y9NOrVTNhODuQZ29oIKawcJWtJXOTcE5Q45hQVwiFWHz0sa_iqGUS03oirv3NZEwlOujhJITZ72BUahChFW3JN7KSTnUcVe69aySQ1Gn-6y-2QhS9reRpwmzFime7gDmhbMrSwcY_IkCl2QMh0onJiSLRMxLVPyMo7_ihfybbCwvQhiXF8aGAanCthFunCg3Dv3I6N4EIJLVnUK83OZAIesgI4s1akCoYCX6fnUUPoYqKBBYhrQi1j4tOiUBJ6MRa8APCJxE2HUMA90PntJzRr-ssfjNki4mQhwDDdgxyuaxa9zcAE2HlajsWIvecy35zCMkHr-vCivG_Osc4-TvRdy3clv9Cc9QoI03F3PIZBxzrx7TujWiJCh1cJihxexLBIMLe-7E7SYuBMbxcDh5miMW_Mxa5h_hjjoPK0iq7mLgS6Gjlqlc5HyQx3meRz4yP4gVleaaUVmpqtZgPfzoXwIU6uTQauFs80iWWg4ZdV9rCh4alWxR14A6g-ZYOfli05BLaJF0t-XVzUFKeW1tvajcxA4o-I55DrxW7HM2skAejh219Xj06Gtdtf6g9Ly7W0uA2FqfvaQhPNsNY_8OfkipLCJUR2o4eLaEZc4A4Td_GjOO6JsoBRiVqIsWCIgQtOB6toy7OYWOfgHeTcnQ&c=6f88449f&v=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 11:27:08 GMT
Cache-Control: no-cache
content-encoding: gzip
X-TraceId: dbfd6d8f95c5f4d3968b216e835acd6e
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK outbrain_bid
ghent-aws-fr.bidswitch.net/win_notice/ Frame 479D 43 B
168 B 12ms
8ms Image
image/gif 3.120.212.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ghent-aws-fr.bidswitch.net/win_notice/outbrain_bid?rid=gdc59Sn49ctkiihMnpH4c8gq3nALx5_p5UZhcD0NtknkpSXPYo6EF5fgqzwGQWTxNeHg4hmcS4GKqE9yj1NUM-Ri5iJou8JTEj38A5vlk6mQlvxfDb43hESU-z-atkmVGfSDE9xPJGwBmX6j6jwghnZLpWks79DSLbsKAI0kqn7CDNtYY8-6Z8mZ386xWypgE_0qDvUcsAoIcxwW2_kbU_aQcEvp9M7TEnZjxgbrELEvxQzJi1Wtxw27J4FMDR0bd2ZJdrAy3cQMJePue2WBgVC_cvLOnMYCjPPcBE3KOU672XkXbnwyU_H8qPrkGz1A_ZmLmWKzkHZ7TqL1CfSRWileaUEHDrrSH6zdJUlfPH0WPvAmFQkdZYEYSI2tkxvLqwqofN1ikuJf2_rP37hhbUEbw8hEDxju0QBkilrEh4p7FO_GeS81PyONWEhYwXBywopNdHiQ--pPPIk2oCw2YtAoxTobrqdz4MEk7m7sO6rTJ_hY5Uqs-cASfOLkMU8U20njUnLGEs2lIGSUd5DXCjm31UWP9L4U-LpCcnY24Hu5YRLx2z2q6A3V96dOH8d1oUd2QyKGBMWMnV-vzsqZ722Xse40Ge6Ma22A1PcOUHbZ3UO33LxUbUc83DT9cIWbL68tkhGjN3YQZuPT78ZM8Oy2zEzVq12pW_HuuIljTm7HF9ZBNrqeQl7cCg-a8db52Na3FxpiYbC-ySEBYKqqYQRIMip3hJhImsZPC_wTNoruKZfvtVcKaOZdS0T8RaYRjXTKmN4oxSJHpdgpa6kixjnqucplUl2jhR14arBGeKjMSP53y7zGTSFMxGLBLevAy33oQZ-aJF1KAsQpkwXaZvDZu5Ie4p1U4BKsaPqAe2nPFXE7h6-YWaS-8gCzl9SqVgT3i05o0eW4dSLe7lqQHhcjxMiDTxH1bS-mG5CAneiFLZm5GYSL2pl_k3RLKlOzDpLR70YwwbuJwfd0_ln9WBItWwkuz0kHgJR3Fb8MiF5VveHtPtU0kXYj9v2wL3apyZGd_m6riX0avj_PX7eaUn8-EEIAGE8BS77IxCiS4skuaj1wBmz2qGr5vFuXZNY6ei2vttkOIR0lPpwnrvv7WK9ectG8ZR5pIGLPxkRoGAPc5YaW8wqR1M8ktmHskYy-2p22p6DOkLSdHQErSDGF0gRBYgmK0fA62ZprPtMlnB_hSdUCgzAXGJoTc6S64J5N1wejnShq4t8A7SUdGd59wqMNTBA2XKR0ic3RyEyJqhiap5J5UgVVXIR2PG4GWc6qqMaYxPtoyXuIdn-vp3EUoRBC5RJzxxZaACghTytALzWDwww5qj8s8XmyghWK5K3Fdi0lbcDPcZfG6iSqodrygUBIv2PBOUC5wL9fFLN4Sjf_5xR3fwOjzP4F7Qv51v0WBseSZhcCtvxli2b8nB6ZrDTid4HCWJ-A0TW1bT1i8VGLjT30AgJAhtFG73co7Cvxt-7ckRvvUCXeG8DnbbGT2FVXoHeoAUi3d-vXuH4AdVp1s0Oxe5m2g3zhvw4l113QmDeP19bkYhbt-uU7Sboc9lKelrL0deAyQkc0NjnYIE7KgFUKPj0n7uVuuwjHBJI-qY2UlwqCcgFtwlo8trzB7knRvocIsvyX7D1RvUmaoYwGKPu8xPWzCQohg87jXg4HsHExdprwxgVcxX1teRdbVDalshMKNdZpn5oCeVBGx89GZh0BnvSg5c9xnkCqcysBEU8Zb_0FQ4mJ2-Uo5O9D_8s4cgIWN33n&p=0.0866&aid=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.212.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-212-74.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 11:27:08 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 adagio.js Show response
script.4dex.io/ 73 KB
23 KB 54ms
34ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8055949c765c65e219aec8e387c224544044c6e38dff199de1c52d8a219addfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
x-amz-version-id: 1664182876082916
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx88c4051b678d4ddfa61de-0063316a9d
age: 527060
x-amz-id-2: tx88c4051b678d4ddfa61de-0063316a9d
last-modified: Mon, 26 Sep 2022 09:01:16 GMT
server: cloudflare
etag: W/"def38d7482d5ca96063df889ba7bcc30"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lDrbadJs423tDQrwraCrwfb6CxT9Bbl0%2FqrkYkRBRIXaMq22GKToOVd7qpJrE2IDSO0UNCLzwzbY%2FVNr3LcO9a399z1F1VaD9poAN411nU521mHbudmRiO3UR0RhGoc%2BsfGCrplYRaIL2Xb"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 753d164d0a7a924f-FRA
access-control-allow-headers: Authorization

GET
H2

200

winnotice
track.adform.net/rtb/ Frame 6004
Redirect Chain

https://ghent-aws-fr.bidswitch.net/imp/0.0866/BSWhttps_A_B_Btrack.adform.net_Brtb_Bwinnotice_Cbn_R56167187_Jwinparams_RUMvTJGRFzntxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7...
https://track.adform.net/rtb/winnotice?bn=56167187&winparams=UMvTJGRFzntxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmjmzJ-K_u...

0
190 B

19ms
19ms

Image
text/plain

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/rtb/winnotice?bn=56167187&winparams=UMvTJGRFzntxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmjmzJ-K_u3LHcSmlXIxxc_dpCBKuUw0J-68SsLM8zYASHXpd1pXYL-dvbRfqtQqpqndjY050x8ETxUnrGW1eJ_QO8_7rsP1jj0&rtbdata=Z0UGC82hh1gPN8lzvtOqIb3rj5Itvbvkq0EPG7dRqxOZsajPBu6KKFQjuN26lf39h16XdaV2C_nb20X6rUKqap3Y2NOdMfBE09ozZztfyqj95ZwZ2G--BQFeFsp3Z4bOR5uKsSGXkli9_k8A9TkUmSmgMgmJ06dLVpryJusTa0FodOxc2CfdQw2&rtbwp=0.092662&adfrnd=31441307

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Oct 2022 11:27:08 GMT
cache-control: private
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

Redirect headers

Location: https://track.adform.net/rtb/winnotice?bn=56167187&winparams=UMvTJGRFzntxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmjmzJ-K_u3LHcSmlXIxxc_dpCBKuUw0J-68SsLM8zYASHXpd1pXYL-dvbRfqtQqpqndjY050x8ETxUnrGW1eJ_QO8_7rsP1jj0&rtbdata=Z0UGC82hh1gPN8lzvtOqIb3rj5Itvbvkq0EPG7dRqxOZsajPBu6KKFQjuN26lf39h16XdaV2C_nb20X6rUKqap3Y2NOdMfBE09ozZztfyqj95ZwZ2G--BQFeFsp3Z4bOR5uKsSGXkli9_k8A9TkUmSmgMgmJ06dLVpryJusTa0FodOxc2CfdQw2&rtbwp=0.092662&adfrnd=31441307
Date: Sun, 02 Oct 2022 11:27:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 /
track.adform.net/serving/event/ Frame BE12 35 B
303 B 22ms
19ms Image
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/serving/event/?bn=56167187&event=179&rtbdata=Z0UGC82hh1gPN8lzvtOqIb3rj5Itvbvkq0EPG7dRqxOZsajPBu6KKFQjuN26lf39h16XdaV2C_nb20X6rUKqap3Y2NOdMfBE09ozZztfyqj95ZwZ2G--BQFeFsp3Z4bOR5uKsSGXkli9_k8A9TkUmSmgMgmJ06dLVpryJusTa0FodOxc2CfdQw2

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2

200

ztpv.php
www.conrad.de/ Frame 3522
Redirect Chain

https://www.awin1.com/cshow.php?s=2470167&v=11354&q=377133&r=300627&pv=1&viewref=native
https://www.zenaps.com/cshow.php?pvr=266fef47-4245-11ed-a184-2263aefec425&v=11354&r=300627&q=377133&s=2470167&viewref=native&pv=1
https://www.conrad.de/ztpv.php?awc=11354_300627_1664710028_266fef47-4245-11ed-a184-2263aefec425&insert=AW&&gdpr=&gdpr_consent=

0
654 B

152ms
48ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_300627_1664710028_266fef47-4245-11ed-a184-2263aefec425&insert=AW&&gdpr=&gdpr_consent=

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
via: 1.1 varnish (Varnish/6.6)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 935756081
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=e0b5b8e8a711e185
cf-ray: 753d164e7882bbbc-FRA
expires: -1

Redirect headers

Date: Sun, 02 Oct 2022 11:27:08 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_300627_1664710028_266fef47-4245-11ed-a184-2263aefec425&insert=AW&&gdpr=&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame 6B73 4 KB
2 KB 31ms
30ms Document
text/html 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Fghent-aws-fr.bidswitch.net%2Fimp%2F0.0866%2FBSWhttps_A_B_Btrack.adform.net_Brtb_Bwinnotice_Cbn_R56167187_Jwinparams_RUMvTJGRFzntxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmjmzJ-K__u3LHcSmlXIxxc__dpCBKuUw0J-68SsLM8zYASHXpd1pXYL-dvbRfqtQqpqndjY050x8ETxUnrGW1eJ__QO8__7rsP1jj0_Jrtbdata_RZ0UGC82hh1gPN8lzvtOqIb3rj5Itvbvkq0EPG7dRqxOZsajPBu6KKFQjuN26lf39h16XdaV2C__nb20X6rUKqap3Y2NOdMfBE09ozZztfyqj95ZwZ2G--BQFeFsp3Z4bOR5uKsSGXkli9__k8A9TkUmSmgMgmJ06dLVpryJusTa0FodOxc2CfdQw2_Jrtbwp_R_I_WAUCTION__PRICE_X_Jadfrnd_R31441307%2Fgdc59Sn49ctkiihMnpH4c8gq3nALx5_p5UZhcD0NtknkpSXPYo6EF5fgqzwGQWTxNeHg4hmcS4GKqE9yj1NUM-Ri5iJou8JTEj38A5vlk6mQlvxfDb43hESU-z-atkmVGfSDE9xPJGwBmX6j6jwghnZLpWks79DSLbsKAI0kqn7CDNtYY8-6Z8mZ386xWypgE_0qDvUcsAoIcxwW2_kbU_aQcEvp9M7TEnZjxgbrELEvxQzJi1Wtxw27J4FMDR0bd2ZJdrAy3cQMJePue2WBgVC_cvLOnMYCjPPcBE3KOU672XkXbnwyU_H8qPrkGz1A_ZmLmWKzkHZ7TqL1CfSRWileaUEHDrrSH6zdJUlfPH0WPvAmFQkdZYEYSI2tkxvLqwqofN1ikuJf2_rP37hhbUEbw8hEDxju0QBkilrEh4p7FO_GeS81PyONWEhYwXBywopNdHiQ--pPPIk2oCw2YtAoxTobrqdz4MEk7m7sO6rTJ_hY5Uqs-cASfOLkMU8U20njUnLGEs2lIGSUd5DXCjm31UWP9L4U-LpCcnY24Hu5YRLx2z2q6A3V96dOH8d1oUd2QyKGBMWMnV-vzsqZ722Xse40Ge6Ma22A1PcOUHbZ3UO33LxUbUc83DT9cIWbL68tkhGjN3YQZuPT78ZM8Oy2zEzVq12pW_HuuIljTm7HF9ZBNrqeQl7cCg-a8db52Na3FxpiYbC-ySEBYKqqYQRIMip3hJhImsZPC_wTNoruKZfvtVcKaOZdS0T8RaYRjXTKmN4oxSJHpdgpa6kixjnqucplUl2jhR14arBGeKjMSP53y7zGTSFMxGLBLevAy33oQZ-aJF1KAsQpkwXaZvDZu5Ie4p1U4BKsaPqAe2nPFXE7h6-YWaS-8gCzl9SqVgT3i05o0eW4dSLe7lqQHhcjxMiDTxH1bS-mG5CAneiFLZm5GYSL2pl_k3RLKlOzDpLR70YwwbuJwfd0_ln9WBItWwkuz0kHgJR3Fb8MiF5VveHtPtU0kXYj9v2wL3apyZGd_m6riX0avj_PX7eaUn8-EEIAGE8BS77IxCiS4skuaj1wBmz2qGr5vFuXZNY6ei2vttkOIR0lPpwnrvv7WK9ectG8ZR5pIGLPxkRoGAPc5YaW8wqR1M8ktmHskYy-2p22p6DOkLSdHQErSDGF0gRBYgmK0fA62ZprPtMlnB_hSdUCgzAXGJoTc6S64J5N1wejnShq4t8A7SUdGd59wqMNTBA2XKR0ic3RyEyJqhiap5J5UgVVXIR2PG4GWc6qqMaYxPtoyXuIdn-vp3EUoRBC5RJzxxZaACghTytALzWDwww5qj8s8XmyghWK5K3Fdi0lbcDPcZfG6iSqodrygUBIv2PBOUC5wL9fFLN4Sjf_5xR3fwOjzP4F7Qv51v0WBseSZhcCtvxli2b8nB6ZrDTid4HCWJ-A0TW1bT1i8VGLjT30AgJAhtFG73co7Cvxt-7ckRvvUCXeG8DnbbGT2FVXoHeoAUi3d-vXuH4AdVp1s0Oxe5m2g3zhvw4l113QmDeP19bkYhbt-uU7Sboc9lKelrL0deAyQkc0NjnYIE7KgFUKPj0n7uVuuwjHBJI-qY2UlwqCcgFtwlo8trzB7knRvocIsvyX7D1RvUmaoYwGKPu8xPWzCQohg87jXg4HsHExdprwxgVcxX1teRdbVDalshMKNdZpn5oCeVBGx89GZh0BnvSg5c9xnkCqcysBEU8Zb_0FQ4mJ2-Uo5O9D_8s4cgIWN33n%2F%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e74aad7eedeb94eab0fbb3d4435ff67c95dee259361fd21effd45bcd64424c24

Request headers

Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 1602
content-type: text/html
date: Sun, 02 Oct 2022 11:27:08 GMT
etag: "9e7d58ad34c85761770fc947d9bee792:1617096471.391057"
expires: Sun, 09 Oct 2022 11:27:08 GMT
last-modified: Tue, 30 Mar 2021 09:27:46 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H/1.1 200
OK report Show response
widgetmonitor.outbrain.com/WidgetErrorMonitor/api/ Frame 92C7 2 B
261 B 438ms
95ms XHR
application/json 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetmonitor.outbrain.com/WidgetErrorMonitor/api/report?name=obm-PixelLoadingError&version=undefined&message=%7B%22url%22%3A%22https%3A%2F%2Fghent-aws-fr.bidswitch.net%2Fimp%2F0.0866%2FBSWhttps_A_B_Btrack.adform.net_Brtb_Bwinnotice_Cbn_R56167187_Jwinparams_RatC4npiLmPtxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmjmzJ-K__u3LHcSmlXIxxc__dpCBKuUw0J-68SsLM8zYASHXpd1pXYL-dvbRfqtQqpqndjY050x8ETxUnrGW1eJ__QO8__7rsP1jj0_Jrtbdata_RJM0MzCoBr3psAvogrZU3fGsMJauYuieMeqlQ3xll4Le8ZXHPlvdrTrQSuH5__hfCmh16XdaV2C__nb20X6rUKqap3Y2NOdMfBE09ozZztfyqi3BUbtRNhHAAFeFsp3Z4bOR5uKsSGXkli9__k8A9TkUmSmgMgmJ06dLVpryJusTa0FodOxc2CfdQw2_Jrtbwp_R_I_WAUCTION__PRICE_X_Jadfrnd_R1466876707%2F8MQYqtB6E7_UaYBBWxPamzXr9mWVNoo3maX-rzqlR1obrW0XBgoIxyYGL6tgUTbaquR3uct6zso6537ZkqsWjwvsOxnMOtPWC7yTbvnn68u7QJIWfhPHcy0kRbaG-pIVKYMA7OJqcGaNCh1nhDbfQNM64HFLbMlhdn-21Sm79W-1DDJBJK5PeFA2tO6RHQIMhYq2RnoKzoJb9jEZEoJ-ROzTXjJ76a_WUP9FrlL_qfbupiTZyL40oHsYIoueJPZJEW5i68bftEhNRdqAa4UJ1XLej2-fHPIC0AztRP6GIMZIrnlWa8hAPe6dZASt_UiJq8pbChStF2DEXL4_8m0fHy2nTqI4o4DRjKit-2Se0Annv2_zihPk7cWVmh_0F8NZWDDoHiHIz9SnTKsHgpvEycO8vfzI6AyAj4wdsxSwrMPQ1M_ceqljf4PGsI5DJrunXwqyde9Hzh2fTw8RpBBpyLA-Z4CFNp854N2gJSGN1AwchblUr_PtrsPVEhNpvnapvKPgivQpoiZfycMwHGWIqy9yXFFLA2y90RjgqYh8g7PaCwPzvKMO5dIO762JDG5ZjjSil7yQOeaKjlonXwx93_g4KNQTkbDO5eHGbGVudu-Or4Nv-i76WrJXcW3s7PTGimp78URHdtJnNyQYhyU2I8YZdvtgzGL4TD0ykZppHQLuExvP7-Fvksh0Q-Reo45ek-HQAMrII99f7mdUHbHW9tqDKGwKbqlqeRShHxtJkE2lCYl5oLom2iddfA3qZmFprgLympyIsVgJI1Wz0tsYwtbJ4froQXK3na-B3heQYohTaW1P14kYOQalgQR6wlf--xtruq1cDlVVlepEo3g9vKA6o6I-FbG9TlYb3oZJmohdpisa3E6cECPaUjexBosPD45FynsML5z9ibT6Ex0N_fwloGZiBdYBUvwQlgMgsxfmV5vgfoRLgeUCPTw7qJ-D5XYx6G3M4ic0DYX5xbJUxTCmbOOqE3Eqm6pQLYznuRwQDeuR3FgMhwojxh9Mu7ssxwitdLZZq2jB3tIhSPF4S93pa5scB4EdfMh6DB8S4FF03SBhAWs2n9eY_xWN5ABP1KRA_Tz-VkZ7gWQh1gJPMDM5_sKwv1DXFsX9udKLbsp3ptNDOPwMSOsgSfBrvswS9UzaBFztrmy3P6HnLDv6xyuf2GnqV7_JAjVqdp3Gj0kSHiJj6WxTToT_D16oYKXNBM9SsuBZ3ImJaKzoOsyg87vb2qYIMkLe18Z1cldvFDu1hUptfHKE3bpk4MrAONUFnes1K4uKxq6b48g5a5DTrqcv6hONariCg9nPvwvoSPkrZskGcldOeRVqRcdhUWZCKciem365Vp6ioX6senYs4opZdK4HYaRsge_ovuBpQKqj2Be5puyvKNGvlknAJJ7KTzAxNt8WN8YdTtBtkNU5WcV6yuY-RydpAbCdQurTaiJRHpDpBHXEGrrEBK-cCYEcm2IMrlzHPXJ8oejb63wR7RLab3ZaaaRGd5wdhujlAuHqkm847186gJMPpEyJVm1-xd16efHQ1IlvfWV9g_CsRYq88qnoXv8X2WAN2WzhbEjZ0ANvryw10cJwsZFs5Std8oZLIIn14puBO7eaNvRng8bHfT9cf2oJ9uMLBASMir4ZZqdh09psfupCuOdBYGpTwNZIMsa6_4D-wYZJZnvdTJeH477sL_GjxjU%2F%22%2C%22advId%22%3A%22%22%2C%22numberOfPixels%22%3A%22%22%7D&env=undefined&url=https%3A%2F%2Fwidgets.outbrain.com%2FnanoWidget%2Fexternals%2FobPixelFrame%2FobPixelFrame.htm&referrer=https%3A%2F%2Fwww.walla.co.il%2F&agent=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F106.0.5249.61%20safari%2F537.36&stack=undefined&errorEleUrl=&pId=&sId=&dId=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Fghent-aws-fr.bidswitch.net%2Fimp%2F0.0866%2FBSWhttps_A_B_Btrack.adform.net_Brtb_Bwinnotice_Cbn_R56167187_Jwinparams_RatC4npiLmPtxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmjmzJ-K__u3LHcSmlXIxxc__dpCBKuUw0J-68SsLM8zYASHXpd1pXYL-dvbRfqtQqpqndjY050x8ETxUnrGW1eJ__QO8__7rsP1jj0_Jrtbdata_RJM0MzCoBr3psAvogrZU3fGsMJauYuieMeqlQ3xll4Le8ZXHPlvdrTrQSuH5__hfCmh16XdaV2C__nb20X6rUKqap3Y2NOdMfBE09ozZztfyqi3BUbtRNhHAAFeFsp3Z4bOR5uKsSGXkli9__k8A9TkUmSmgMgmJ06dLVpryJusTa0FodOxc2CfdQw2_Jrtbwp_R_I_WAUCTION__PRICE_X_Jadfrnd_R1466876707%2F8MQYqtB6E7_UaYBBWxPamzXr9mWVNoo3maX-rzqlR1obrW0XBgoIxyYGL6tgUTbaquR3uct6zso6537ZkqsWjwvsOxnMOtPWC7yTbvnn68u7QJIWfhPHcy0kRbaG-pIVKYMA7OJqcGaNCh1nhDbfQNM64HFLbMlhdn-21Sm79W-1DDJBJK5PeFA2tO6RHQIMhYq2RnoKzoJb9jEZEoJ-ROzTXjJ76a_WUP9FrlL_qfbupiTZyL40oHsYIoueJPZJEW5i68bftEhNRdqAa4UJ1XLej2-fHPIC0AztRP6GIMZIrnlWa8hAPe6dZASt_UiJq8pbChStF2DEXL4_8m0fHy2nTqI4o4DRjKit-2Se0Annv2_zihPk7cWVmh_0F8NZWDDoHiHIz9SnTKsHgpvEycO8vfzI6AyAj4wdsxSwrMPQ1M_ceqljf4PGsI5DJrunXwqyde9Hzh2fTw8RpBBpyLA-Z4CFNp854N2gJSGN1AwchblUr_PtrsPVEhNpvnapvKPgivQpoiZfycMwHGWIqy9yXFFLA2y90RjgqYh8g7PaCwPzvKMO5dIO762JDG5ZjjSil7yQOeaKjlonXwx93_g4KNQTkbDO5eHGbGVudu-Or4Nv-i76WrJXcW3s7PTGimp78URHdtJnNyQYhyU2I8YZdvtgzGL4TD0ykZppHQLuExvP7-Fvksh0Q-Reo45ek-HQAMrII99f7mdUHbHW9tqDKGwKbqlqeRShHxtJkE2lCYl5oLom2iddfA3qZmFprgLympyIsVgJI1Wz0tsYwtbJ4froQXK3na-B3heQYohTaW1P14kYOQalgQR6wlf--xtruq1cDlVVlepEo3g9vKA6o6I-FbG9TlYb3oZJmohdpisa3E6cECPaUjexBosPD45FynsML5z9ibT6Ex0N_fwloGZiBdYBUvwQlgMgsxfmV5vgfoRLgeUCPTw7qJ-D5XYx6G3M4ic0DYX5xbJUxTCmbOOqE3Eqm6pQLYznuRwQDeuR3FgMhwojxh9Mu7ssxwitdLZZq2jB3tIhSPF4S93pa5scB4EdfMh6DB8S4FF03SBhAWs2n9eY_xWN5ABP1KRA_Tz-VkZ7gWQh1gJPMDM5_sKwv1DXFsX9udKLbsp3ptNDOPwMSOsgSfBrvswS9UzaBFztrmy3P6HnLDv6xyuf2GnqV7_JAjVqdp3Gj0kSHiJj6WxTToT_D16oYKXNBM9SsuBZ3ImJaKzoOsyg87vb2qYIMkLe18Z1cldvFDu1hUptfHKE3bpk4MrAONUFnes1K4uKxq6b48g5a5DTrqcv6hONariCg9nPvwvoSPkrZskGcldOeRVqRcdhUWZCKciem365Vp6ioX6senYs4opZdK4HYaRsge_ovuBpQKqj2Be5puyvKNGvlknAJJ7KTzAxNt8WN8YdTtBtkNU5WcV6yuY-RydpAbCdQurTaiJRHpDpBHXEGrrEBK-cCYEcm2IMrlzHPXJ8oejb63wR7RLab3ZaaaRGd5wdhujlAuHqkm847186gJMPpEyJVm1-xd16efHQ1IlvfWV9g_CsRYq88qnoXv8X2WAN2WzhbEjZ0ANvryw10cJwsZFs5Std8oZLIIn14puBO7eaNvRng8bHfT9cf2oJ9uMLBASMir4ZZqdh09psfupCuOdBYGpTwNZIMsa6_4D-wYZJZnvdTJeH477sL_GjxjU%2F%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 02 Oct 2022 11:27:08 GMT
Connection: close
X-TraceId: 2ab58e5fac7bd125c0976844ac1b3775
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Content-Length: 2
Content-Type: application/json; charset=utf-8

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame E3DF 4 KB
2 KB 19ms
18ms Document
text/html 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Fwww.awin1.com%2Fcshow.php%3Fs%3D2470167%26v%3D11354%26q%3D377133%26r%3D300627%26pv%3D1%26viewref%3Dnative%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e74aad7eedeb94eab0fbb3d4435ff67c95dee259361fd21effd45bcd64424c24

Request headers

Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 1602
content-type: text/html
date: Sun, 02 Oct 2022 11:27:08 GMT
etag: "9e7d58ad34c85761770fc947d9bee792:1617096471.391057"
expires: Sun, 09 Oct 2022 11:27:08 GMT
last-modified: Tue, 30 Mar 2021 09:27:46 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

OPTIONS
H3 200 analytics
hb-dot-valuad.appspot.com/ Frame 0
0 712ms
650ms Preflight
text/html 2a00:1450:400d:805::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-request-id,x-vad-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 02 Oct 2022 11:27:09 GMT
server: Google Frontend
x-cloud-trace-context: 52fc4abc0e486996be6f47da99d74293
x-request-id: undefined

POST
H3 200 analytics Show response
hb-dot-valuad.appspot.com/ 16 B
35 B 757ms
755ms Fetch
application/json 2a00:1450:400d:805::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type: application/json
Accept: application/json
Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
x-request-id: 321c033e-ac22-467a-8107-d82f64ff9a81
x-vad-version: 0.9.9

Response headers

date: Sun, 02 Oct 2022 11:27:10 GMT
server: Google Frontend
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
x-cloud-trace-context: 71f73e48eec4125b24c9fbc1a5344488
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16
x-request-id: undefined

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 99ms
45ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 96ms
49ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 77 KB
28 KB 545ms
544ms XHR
text/plain 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1831061958089898&correlator=4322738357506918&eid=31068501%2C44761477%2C31068356&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Cyad2_rectangle_desktop%2Cshopping_rectangle%2Csport_small_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6&prev_iu_szs=120x600%7C160x600%2C320x50%7C300x400%2C320x50%7C300x250%7C300x260%2C320x50%7C300x250&fluid=0%2Cheight%2Cheight%2Cheight&ifi=17&adks=2273020712%2C1194681899%2C1073900268%2C2033830821&sfv=1-0-38&fsapi=false&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D97d7ee6b75e07b3%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D9435b8edcebcab4%7Cslot_name%3Dshopping_rectangle%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D995638ceb9a4781%7Cslot_name%3Dsport_small_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D100018c611560ed4&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1664710028636&lmt=1664710028&dlt=1664710025328&idt=346&adxs=1480%2C200%2C200%2C200&adys=290%2C1484%2C1499%2C2418&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C15%7C16%7C17&ucis=h%7Ci%7Cj%7Ck&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C300x0%7C300x0%7C300x0&fws=132%2C132%2C132%2C132&ohw=0%2C300%2C300%2C300&ga_vid=1337039213.1664710026&ga_sid=1664710028&ga_hid=619783834&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9dda96412b38adce222d86ee0a06eb48cfabd8dd6ce8ccc6c24c2fda6d9ff74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28396
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame F4B4 4 KB
2 KB 25ms
24ms Document
text/html 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?name=obm-PixelLoadingError&message={%22url%22:%22https%3A%2F%2Fwww.awin1.com%2Fcshow.php%3Fs%3D2470167%26v%3D11354%26q%3D377133%26r%3D300627%26pv%3D1%26viewref%3Dnative%22,%22advId%22:%22%22,%22numberOfPixels%22:%22%22}&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e74aad7eedeb94eab0fbb3d4435ff67c95dee259361fd21effd45bcd64424c24

Request headers

Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 1602
content-type: text/html
date: Sun, 02 Oct 2022 11:27:08 GMT
etag: "9e7d58ad34c85761770fc947d9bee792:1617096471.391057"
expires: Sun, 09 Oct 2022 11:27:08 GMT
last-modified: Tue, 30 Mar 2021 09:27:46 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H3 200 container.html Show response
99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CEBD 6 KB
3 KB 30ms
13ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:08 GMT
expires: Mon, 02 Oct 2023 11:27:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5CB6 6 KB
3 KB 26ms
14ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:08 GMT
expires: Mon, 02 Oct 2023 11:27:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FE32 624 B
297 B 114ms
48ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWEXt2qva0CWikde2IWyurbrAVAu9gkFvOSQSqmfbid0FhPD7fkrg9MvJtvBjkrSFP30KDouy82EdNU3j4W-1HU4hThwK4NpofTZMjW3UmAkyDCTCs4WRt3ru-7QeWberLf_7NlbTWF1JUxz7Fi-5c4evo5kDp9sEl3dhHpM4XnNHGIqnk

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CEBD 80 KB
34 KB 159ms
95ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfmxaWsgS2QEaz0BWcIof6mfC6CVwg4G3KnhRlqXDbcXOXJh1SbZcz_jl3AivFLze4bqU3vGwM8CWEqW6upKvhYcBN4Q&cry=1&dbm_d=AKAmf-AhN9AYWVW4T5hezmSOHZcagBgub98xJJP8GTP8LF1ynQE3Y-wvuYWdR5JK-MQznQ7qGrOwLWKH9wyASkWIBPYJowPl9LmuPVbvrKI0wqbx_mWjq7GxgHW0b-MZu8GcdJY_huiRgDt3j2VG8mpC_L-DVDdf5NImsFvbhDGgdoPe0ecVWuIrpa-AAgwsMVdJvaDEWHn0d6pU-iLu2jgRz3CpeIqVa6G4m6llt7IduJTvOJwyrdDstsgZM7_8yEmjnSe3JYjZf1Z5xPcnhiq0E36JyN2_Cz7RDcEGxhL9Pr0XDRh_kuinZ-n3tgktEOe4DUtBplUv6_C8jX8wCgO2GxhbXmMVXmXjit_M24k4S3zPHkh2g-auKZe1jlr-UuR7-NC7b7yLkxBXuPxhDzmL0VXn_LmKmRi1Z79gmv4BeDS1_cxzGjiKEhRLGtxaeGFuiY7PIA1ULeRXCZBFYz0UawSPUxfYfnNq-qlaNrSKuiUF0av2z3SDl6sfHyt1YjGf3Bq0_iECisehUPnKSKl7Dwu6MCNg5j0a6f5vJ_CX_xyewNaNe4g-TWMmYjatiyoPp_a0-UkCXFmUYAeIBr5tHVJu_csFsONMgCh6xsTMCOzrWKz5GN4KxIHDEgyR_FmDHhwTJboqQJO5i5P5VXXWq7MZr4y7sEgq_ErdZ6nahyDzSKWfa0mhBbx3Ps0RFqhGY9hML4Zrp_Bc3Sx093AJKvpeQL6zPrpDdRlWOIU4e4boHr8YS6YJKFM7nscEVUQUJ5Un4NQ1oRKKbasEz-jvy2dkDuayDxDNfFeYbdiHadt3i6ZwmDe7cMwCcCJ8wFAoQfiF5e5UGEHyG2IkF0RLAMkT5XsCCU6PzSDQmfXc6kiOgFTCtpPdg8VTQ9lWYup5cbESVeDfmB5lnrhG1lPxi-mcpbF5uHcy6EpOcT0ETrNOshp5B_f3eHrXfPG1OvZ0K4aNZK-QzFTdg6eEppW8BAd-ZaVw7-gkjex6T1yiXsgO_3Bpg4kuf-UrhQdalajob8kD_Eaoa8B7q9s5bYupXVbqv_I50Lr3bdHFdTw9e5Td1xgADM0S8AdG0bVZdqfPJxK2qbfbIglwfM-Ds72f4S6ZBeMwRduPAXvVt6XIWcMOBHuKRGE3ENA-YxLPOuJAAShNSl2EfodypXd8FdTR9_aKh9RGlzGHjNe4OQIs1-BbUenRHfojl2N9YkqTcIxgtyaaYGuzJ5VQaczRiUm06tkiaSYt7hyCB29XAQ04vR_e_IQFVmB3cSMWy3T-Qet3BF1ghusnMVy4vsn5P-d051q8MYgz3ysz5c9IvVSpx-A9dgsdkFqzuFyDbUYsRnVBJebAu7Ady92g0SWIhlUfRlwzFpEUhRg3QPFI5_KsOB_0Z5uxTd8eio0JIR2tyDUDCcLKK10_SbNTj4jvq-Ch9fFoxXtpwrFEK-nIW9mR5A5HYEnYR9zbvFSZFa5j75zDJOR5Y9-JEtU2tvpnXaUsqygX75iXnNo5l4-6QTxhv9_kSizIX1J44lZytowJwwETPUNioRxiuQmhLP56ULUHesL4JDnN2WkFOQddff0dYGJiAhrdEX7-sHAinI08LwQqUeoptZNB2whGTGyijJfX4SzjJfCCd9A5fdCsyEbpzlmU9kwUsS4766W5mZ94ELpyT9Z1725zfZQGwkMdEDovBbqbu0K8FnlAJ4xnp_RCPGqnhHwA-iVeYFsUZtywx93J3QpcKgQ9rOggShiq-KUYG_X7Z9m7sgsL1nFoFZFMMFePx2LjrheyhM4zQ5rZGVMuBh7wtjC00P3JismrRFGd6j_DZa4RCreF6fFitdqdzX_-2Zt9rbyCMYgaKA-nXFjgxY6x4L27BflSyuDd3Hyb0e7G2cB7hF-D_2XvwK6MC1NFrEm3L5DYICW_Od1eqNnXSZSYPCf4IJWEqh6GW4nNSycwToP_uQTnr16IgRCQFnTuFHiFluv5cMhf2RCDPMk8T7O3YexIIDvLAm-hvufuP-Ewnr1dDV7iNwMSuVR9fOl31fLR2q9zGAPygz7SxR5t3kKovLyk6FGeNxuE7_XgHFAN39wEmubp9JRF4HXW71G7YLxLIXqnBuUIEbLx0fHtoond7m_O6XNuF4GY3paFlWUhngXZXPPbPTIFgknDzO2EGN9gFJVWiKQVAizUwArkB-i2OgD_j_YI_iaVoUT8lb4Jw-agOagn50ONXEHXMdcFN6M6O4ZrJKOCox1aJDiqvXOVuzxOSCG0ka5HAdgudLvZoyBQ8C0yaGGWQLoDFWnWw_LmetwBZMM_ZrUUfY8YksKTPk9HO04n4885ve4WjhYPdrrccM9NlTCuPWd4arBrJTKrvV22BqTpKBSzS2UZVmdCwADgaltQNUVjSX0NxzsAbZhu8WKOpCaaeNeEia36F3QagknQOiUKCpJ6VbG4h1W3IssRfen1H-uFnra5q1XmQcwef2ImmZNdUjzMTbJIKMecrKCtn66Ejyeq-0CB__RzMVhF51HMPkDo6RbQ7sbj7EUlNpa515gV0ihfT4RFUIhEnUHdcTyKcSoUoTIzG6Fe3AHnHIj3eJNdTiaLSOYFdeP1RCICqh6Ndn4ML6ujBsvaYTMtVN41g9i0LuwuNvwWhAKs7xnxKWhighOub7ecevCoPqbNFf9cjjQOmjgvSEs0ur8CIjyHJmk5Q5iZelz9J5jxclkh7nadIOA2aWIXIsN_39kFUIoUbQBVFD6deMn4eBwqLtD4w5GC_O54OFCIOcuOzN_59OMN8KKt1I9Fvm4JimHi-WZ8zJbgMeUxq1uzeU-aDNJ2x3ARlugp7XCxU88v5Ol_tvR_9wQvxYbeveAk2-h71gZSvfla5vOhPKf3NzyweVfJLgbjgAUwLEDw1uZqPr7QzSfDC-b_tGb5-sr3XwysSy8UvotJHADK7GsxIbbHwEsK-gF42KmlYhzEUcbK2aLoA32iFvsy73LMxmbCXvk5Sv3HziAX93Dkx_e9mjldZKKnDxWCS0obrb39RRS5&cid=CAASJeRoS8kAsPW6BhbumEOoIjWBcZSWOKrTa4pTZpShxjePXjRcaqo&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7480510805d69099293ed82e175a3b12e3d9480e3ddff124445a4b3c78928bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34381
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEBD 42 B
173 B 136ms
55ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D71GprA6UDQ-JZ35qX5tYUT4l4S3XDpw5JS1qsQl_ELDf7hkw198oYzEFzXMBAuMDFyYKK9nReiTxYoxEfzVXOqzl0x4HEfG51CBUVarHOgel3eMI

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame CEBD 3 KB
1 KB 120ms
44ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 10:56:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame CEBD 17 KB
8 KB 100ms
24ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 11:10:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEBD 140 KB
44 KB 129ms
76ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 11:27:08 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5CB6 0
0 65ms
64ms Fetch
text/html 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cu38rjHU5Y-yNE8-QiM0P_JGO4AzJntKxXPXqoYaIAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyoAHVttLqA8gBCakCFoTab7hxsD7gAgCoAwGqBIICT9Cs_VlFMxfcVirHHG8O9wgaus2aXLvHf8z7ic36ZFx5FubNpBO9SRhO8ZSW_-Q9PGDC0YHZI99jN1DiDyKuIaNGRHF0Mr0r6ebBuSCdu9Asbo83NMTZGRGhLwLBvbM2Vnymad-WM2foWBUz7LcglU_-Ui-eJxody3-RyhhXhysww2FwkYu57eZTsQAb0XGEP9MzJ-ijJ3ZG5YUKYlDbVATVD2Jvv88CGT4cq9hBtih54MKz2DZnXMP3RNpsnE6ywQ_FjL44yLDkgHknJCTlZXKRb6ZKFZ4vys6lqGd6TKnfTTb4YLVyGicwJ0K9QHkhpMcKGRGIdMyl9NL79mIwpLzK4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=tgQfbJYMcdw&uach_m=[UACH]&cid=CAQSPACsnQUxTt6n4Tw5-mTOiJ0HgXbHc07FyZqpOFre7GM3bjugkQope_MZZCU98Xm7PHdSeS7I8GVWYadDxxgBIBM
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s39-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 5CB6 0
0 88ms
19ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFJPxG6wCyAGdg2ICAgAAAI9v_qchM8M6UwfGnGMh-yoQjHU5Y67Rc3QolY7wnAMBABIAAA&wp=Yzl1jAAExuwDoghPAAOI_Fc0VzSK8rWEBj8Ikg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 336941
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame EB46 136 KB
46 KB 159ms
87ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yzl1jAAExuwDoghPAAOI_Fc0VzSK8rWEBj8Ikg&u=%7CEwSj7nQvqNTJF%2BapTj%2Fs8VxJpxKrjF5XKQgB8Gkuzsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbPoxbZrMVDvGb3h98Wznuy9ZJ7QMyBkIkunVE1cCC_N9ZYS7UEetJCEZbOXUBrxP1DOtnIe82u7lmxTHY_cQIECkPFgs1Pj4HQZAh0AVXXRlG0wXe--dopyXMcp76Pt2oXRjmE5JRDxTtL_ZHFnZBAYmM-Frz5_u9eJeuieuyBdUQeGbqCxdfUBnSd8QEV0QGxkPWUETuwRY1hRYKqD5MUYU70JRocdasLSp6I2q2IsSL9KBoVp_unfHlKHtDOWx0iBTvIG3-Gg_ck1Z0UCDpFz6MrHEQP6ZdM2SIGmr8k9a-vR-Kca0OjsaSOYucDo-0-PO0ZPJinra_dIWn57lTcUO0-QI7FJxtjOZoZwx3Zr9jMwdoC533hiAVLO-lQqonaV4dttAxRYavBARUQneUBi59mZjDYayZbpfcDEp2dICOZFgLstGmKRLq1XKqcs2dt_GVURp7UGhwiUhpGPHayzUR7wVPkrBUF88LljNOFKL9j-1LcCN6e63a-GXE2ClayTGY7xW59ccNurvTM2QXNy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU3_jjHU5Y-yNE8-QiM0P_JGO4AzJntKxXPXqoYaIAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyoAHVttLqA8gBCakCFoTab7hxsD7gAgCoAwGqBIUCT9Cs_VlFMxfcVirHHG8O9wgaus2aXLvHf8z7ic36ZFx5FubNpBO9SRhO8ZSW_-Q9PGDC0YHZI99jN1DiDyKuIaNGRHF0Mr0r6ebBuSCdu9Asbo83NMTZGRGhLwLBvbM2Vnymad-WM2foWBUz7LcglU_-Ui-eJxody3-RyhhXhysww2FwkYu57eZTsQAb0XGEP9MzJ-ijJ3ZG5YUKYlDbVATVD2Jvv88CGT4cq9hBtih54MKz2DZnXMP3RNpsnE6ywQ_FjL44yLDkgHknJCTlZXKRb6ZKFZ4vys6lqCV4bTtYwqrr3ylmufcNgbq0VHOXrukSm6VASWpXS8zX7ueaIK91324A4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1OCSxXI4or6wbfJIfMDtqNANZKvA%26client%3Dca-pub-4491659496372172%26adurl%3D

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

83c74f797740c9e843bf9d3226d6783310b408518b6d9c0421b8ef57c3866268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:08 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=1btwF_xZROO2KeeuJ_tYRhCCBxpBGzG1buDSdCe6fC_exWUtLxCKyXkoJHZIMDR7IJKYE6_I-z0jDgbC8YUqGASUonUxQXmPaR_Te9wDKBh8eFpApaorVXZ4mrwtS6WFh5UwKzTEhdb0IuwV623iZcVJZH_F7MaHAxMaDgxt6FA-DHjvaxQgxKwXPvrSVK3tz12cLQ82HLLW585CIjW2YQJic3OH2k2DjH7Iv0CkEqC5pzhXwyG-_tRtTAnTv7WeanTX4g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 70174906
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 5CB6 3 KB
1 KB 114ms
46ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 10:56:47 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 65FD 1 KB
1 KB 92ms
23ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 07:30:32 GMT
etag: 48472445140208031
expires: Mon, 03 Oct 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 5CB6 17 KB
7 KB 94ms
27ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 11:10:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5CB6 0
0 47ms
44ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhhEMN1slTsV77-MobW_IQ7VABnFwUWw4xn3issHFxPPpkDuafT_1FtWk6fQCElRP_OE3osWb8VfcMGJyVWixGC3xHSQ
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5CB6 22 KB
7 KB 96ms
31ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 15:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244709
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Sep 2023 15:28:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CB6 140 KB
44 KB 161ms
118ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 11:27:08 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEBD 0
58 B 109ms
55ms Ping
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=75&version=r20220928&sample=0.01

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame FE32
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtSO64Yh9yARPwdbck-XGs&google_cver=1

43 B
647 B

45ms
45ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtSO64Yh9yARPwdbck-XGs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWEXt2qva0CWikde2IWyurbrAVAu9gkFvOSQSqmfbid0FhPD7fkrg9MvJtvBjkrSFP30KDouy82EdNU3j4W-1HU4hThwK4NpofTZMjW3UmAkyDCTCs4WRt3ru-7QeWberLf_7NlbTWF1JUxz7Fi-5c4evo5kDp9sEl3dhHpM4XnNHGIqnk
Protocol: H2
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxRDr0mZfLjBFvl9ZnTCyvwNqeed6kVtQZjrORi2onVsnyEsGs60zN9goWuHzszAwiWLYV%2FHRr6vFZnnbIqDka03mMS7vGrBArcvGt7hD8tnnDeU3USYqRr457tqYGQ1WdMYWn0%2Bp1qQhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 753d16511f4f9b67-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtSO64Yh9yARPwdbck-XGs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FE32
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yzl1jET6kH7tABQbQ-Cl4QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtSO64Yh9yARPwdbck-XGs&google_cver=1

43 B
885 B

71ms
56ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtSO64Yh9yARPwdbck-XGs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWEXt2qva0CWikde2IWyurbrAVAu9gkFvOSQSqmfbid0FhPD7fkrg9MvJtvBjkrSFP30KDouy82EdNU3j4W-1HU4hThwK4NpofTZMjW3UmAkyDCTCs4WRt3ru-7QeWberLf_7NlbTWF1JUxz7Fi-5c4evo5kDp9sEl3dhHpM4XnNHGIqnk
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiNUFe8R1QsrCDVP4ufaisQBrWiZxu%2F1WIowg36%2BZMu1qGGxjwbZeg%2FDdM%2FIUM%2FCiF1mf4EV1LpLXCrmiIqGY3iganGTYmBRD%2F4KjPYkwLCMhd3%2BWuNV%2Bf3merWCBRgY2NwgfgdcoFJ3hA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 753d1651cf95bbdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtSO64Yh9yARPwdbck-XGs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame FE32
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIzcM-GDu1TW9df8ikQmfbQ&google_cver=1

43 B
1 KB

7ms
7ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIzcM-GDu1TW9df8ikQmfbQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWEXt2qva0CWikde2IWyurbrAVAu9gkFvOSQSqmfbid0FhPD7fkrg9MvJtvBjkrSFP30KDouy82EdNU3j4W-1HU4hThwK4NpofTZMjW3UmAkyDCTCs4WRt3ru-7QeWberLf_7NlbTWF1JUxz7Fi-5c4evo5kDp9sEl3dhHpM4XnNHGIqnk

Protocol

HTTP/1.1

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:08 GMT
AN-X-Request-Uuid: 2d02daac-fc84-4fe2-987b-d26cbf585226
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIzcM-GDu1TW9df8ikQmfbQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE32
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0MTE5MjE0Mjk2ODUxNTM4NQ%3D%3D

170 B
188 B

22ms
21ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0MTE5MjE0Mjk2ODUxNTM4NQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:08 GMT
AN-X-Request-Uuid: 890ceea9-c114-4023-bf7a-a548acb5f1e0
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0MTE5MjE0Mjk2ODUxNTM4NQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 65FD
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECzdVNfMAs2eqyhysPB-sm0&google_cver=1&google_push=AZmPxg8fvE_NR4M5dmP4TCpEY1VjS49JzRfc9sOGaGYSuiSwOBA_GIGjEZiLo48aS1XIwf6pXI4m1aFCpwVeH8epvCIhQSYeT6HY
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzc5OTU4OTczNzc1OTEzNTU2Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECzdVNfMAs2eqyhysPB-sm0&google_cver=1

43 B
398 B

145ms
17ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECzdVNfMAs2eqyhysPB-sm0&google_cver=1
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECzdVNfMAs2eqyhysPB-sm0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 65FD 70 B
264 B 35ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBw_6LIPeaajXlRQLldrhh0&google_cver=1&google_push=AZmPxg8-bYLF9dqDtP71yQIlZ7PUaiTSNpsW3YnEKjrx6YU93rdA5qGjGWmZmlWhWeCkh9iAh9as8EKuUTQ2EapquiaArgXghLcA
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 65FD
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEIMii81dQrs1px35LCiAEE&google_cver=1&google_push=AZmPxg-jBdr7QK8UjDjTZSXRJegbB-es6-_pD-0m1WvL693Q7e0KQPuckoM1Sfu6poC5tUJxc5uIL1OTymICY8qu...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6gWFlwfRS9S73ABajTqvFA2&google_push=AZmPxg-jBdr7QK8UjDjTZSXRJegbB-es6-_pD-0m1WvL693Q7e0KQPuckoM1Sfu6poC5tUJxc5uIL1OTymICY8quLJeZpb5i_4cl

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6gWFlwfRS9S73ABajTqvFA2&google_push=AZmPxg-jBdr7QK8UjDjTZSXRJegbB-es6-_pD-0m1WvL693Q7e0KQPuckoM1Sfu6poC5tUJxc5uIL1OTymICY8quLJeZpb5i_4cl

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Oct 2022 11:27:09 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=6gWFlwfRS9S73ABajTqvFA2&google_push=AZmPxg-jBdr7QK8UjDjTZSXRJegbB-es6-_pD-0m1WvL693Q7e0KQPuckoM1Sfu6poC5tUJxc5uIL1OTymICY8quLJeZpb5i_4cl
x-host: tde-deliveryengine-production-b869b47b-t5xqz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame 65FD
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA02kehyb-Hx1y8sx6LUWxI&google_cver=1&google_push=AZmPxg_bzcprriZxljZRU0xddMo5wqkdVQLElDptrarT3OHYSyOdyX9VyuP1Xu4hIrp8eNejLvTxT0m3wi7TLt1PRIIa...
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7f7495f7-28fe-461f-8799-6a5d3797d4e7&ssp=google&gdpr=&gdpr_consent=

43 B
356 B

130ms
34ms

Image
image/gif

34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7f7495f7-28fe-461f-8799-6a5d3797d4e7&ssp=google&gdpr=&gdpr_consent=
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=7f7495f7-28fe-461f-8799-6a5d3797d4e7&ssp=google&gdpr=&gdpr_consent=
Date: Sun, 02 Oct 2022 11:27:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 65FD
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO_NATA7KAid_Mzo-yvQfVA&google_cver=1&google_push=AZmPxg_lRW86xgABs6oULPG7t0fLpUudORlEnRN7bfsu1MPFTxmcb8YrwCqRzA5I2_CaRYZAcWD8ovB5...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY1MzU4NDg2ODA1OTQyNjc0NA&google_push=AZmPxg_lRW86xgABs6oULPG7t0fLpUudORlEnRN7bfsu1MPFTxmcb8YrwCqRzA5I2_CaRYZAcWD8ov...

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY1MzU4NDg2ODA1OTQyNjc0NA&google_push=AZmPxg_lRW86xgABs6oULPG7t0fLpUudORlEnRN7bfsu1MPFTxmcb8YrwCqRzA5I2_CaRYZAcWD8ovB56c3YGOsvSozmRtpWmiFf

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY1MzU4NDg2ODA1OTQyNjc0NA&google_push=AZmPxg_lRW86xgABs6oULPG7t0fLpUudORlEnRN7bfsu1MPFTxmcb8YrwCqRzA5I2_CaRYZAcWD8ovB56c3YGOsvSozmRtpWmiFf
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 65FD 0
45 B 277ms
16ms Image
text/plain 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDc_PW1d6vHn6xTw9fqgAQ8&google_cver=1&google_push=AZmPxg-f6el2Cf3rVLw67nt9e7XW0UW6MRKC7ysPX6hqC8sfnJ0QFPgrP-IiIBz5YVYvIpnTF2NrmT0nb40ghagFEui2qOz0dl3m
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 65FD
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBpRar886cSRItwcriyf810&google_cver=1&google_push=AZmPxg_goKa0dOeZhszfxJ3QIIONsUUTkRTI_OejAfWZTQ-ayFVkzW3hAgjoKKn02oLH8U0tig...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBpRar886cSRItwcriyf810&google_cver=1&google_push=AZmPxg_goKa0dOeZhszfxJ3QIIONsUUTkRTI_OejAfWZTQ-ayFVkzW3hAgjoKKn02oLH8U0tig...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VT3FkbjdCRTJ1Ry4uWnEydk5nMU13VUtpbjRfRnhrY35B&google_push=AZmPxg_goKa0dOeZhszfxJ3QIIONsUUTkRTI_OejAfWZTQ-ayFVkzW3hA...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VT3FkbjdCRTJ1Ry4uWnEydk5nMU13VUtpbjRfRnhrY35B&google_push=AZmPxg_goKa0dOeZhszfxJ3QIIONsUUTkRTI_OejAfWZTQ-ayFVkzW3hAgjoKKn02oLH8U0tigWAS9vg1xj2cJcUQUuu8ssFDsPNcQ

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VT3FkbjdCRTJ1Ry4uWnEydk5nMU13VUtpbjRfRnhrY35B&google_push=AZmPxg_goKa0dOeZhszfxJ3QIIONsUUTkRTI_OejAfWZTQ-ayFVkzW3hAgjoKKn02oLH8U0tigWAS9vg1xj2cJcUQUuu8ssFDsPNcQ
date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 65FD 0
12 B 26ms
17ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LNlRzTWVVbpLBQVStEGKIDMYIAVIx_p24xC2k62r3XPC126F77HLpgVjm5xe9dI_L-GU9erw

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 5CB6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68cc44d92f74c48ae7931db967bed4b5410b335e05a8775b67484456e8979d15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 95ms
94ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=3b25ee0704c10a67a1684254671ff6a3_1769_1664710028329&tm=2822&eT=0&widgetWidth=865&widgetHeight=99&widgetX=535&widgetY=11355&wRV=2000902&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=910&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Oct 2022 11:27:08 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: a5a379a39b4c13df2365142995301a19
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 98ms
95ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=ebf550bcc422cd20e97db64d5adbb223_1769_1664710028558&tm=2830&eT=0&widgetWidth=865&widgetHeight=99&widgetX=535&widgetY=11478&wRV=2000902&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=910&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Oct 2022 11:27:08 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: 60916cdc1a3fc152888dc5ced2a74af1
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 109ms
102ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=959eb9058477fbbaa9541e1cdcc6e0b0_1769_1664710028787&tm=2831&eT=0&widgetWidth=865&widgetHeight=99&widgetX=535&widgetY=11600&wRV=2000902&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=910&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Oct 2022 11:27:09 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: 841d3265171f55c3f90c9d8e241d1484
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 186ms
94ms Fetch
text/plain 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=c3854669e32840104c7b0bdbae167ea2_1769_1664710028845&tm=2833&eT=0&widgetWidth=865&widgetHeight=97&widgetX=535&widgetY=11723&wRV=2000902&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=910&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Oct 2022 11:27:09 GMT
access-control-expose-headers: content-range
content-encoding: gzip
X-TraceId: 284b938a70c8945b4bef9706012debc5
Content-Length: 28
Content-Type: text/plain; charset=UTF-8

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame EB46 2 KB
1 KB 58ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yzl1jAAExuwDoghPAAOI_Fc0VzSK8rWEBj8Ikg&u=%7CEwSj7nQvqNTJF%2BapTj%2Fs8VxJpxKrjF5XKQgB8Gkuzsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbPoxbZrMVDvGb3h98Wznuy9ZJ7QMyBkIkunVE1cCC_N9ZYS7UEetJCEZbOXUBrxP1DOtnIe82u7lmxTHY_cQIECkPFgs1Pj4HQZAh0AVXXRlG0wXe--dopyXMcp76Pt2oXRjmE5JRDxTtL_ZHFnZBAYmM-Frz5_u9eJeuieuyBdUQeGbqCxdfUBnSd8QEV0QGxkPWUETuwRY1hRYKqD5MUYU70JRocdasLSp6I2q2IsSL9KBoVp_unfHlKHtDOWx0iBTvIG3-Gg_ck1Z0UCDpFz6MrHEQP6ZdM2SIGmr8k9a-vR-Kca0OjsaSOYucDo-0-PO0ZPJinra_dIWn57lTcUO0-QI7FJxtjOZoZwx3Zr9jMwdoC533hiAVLO-lQqonaV4dttAxRYavBARUQneUBi59mZjDYayZbpfcDEp2dICOZFgLstGmKRLq1XKqcs2dt_GVURp7UGhwiUhpGPHayzUR7wVPkrBUF88LljNOFKL9j-1LcCN6e63a-GXE2ClayTGY7xW59ccNurvTM2QXNy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU3_jjHU5Y-yNE8-QiM0P_JGO4AzJntKxXPXqoYaIAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyoAHVttLqA8gBCakCFoTab7hxsD7gAgCoAwGqBIUCT9Cs_VlFMxfcVirHHG8O9wgaus2aXLvHf8z7ic36ZFx5FubNpBO9SRhO8ZSW_-Q9PGDC0YHZI99jN1DiDyKuIaNGRHF0Mr0r6ebBuSCdu9Asbo83NMTZGRGhLwLBvbM2Vnymad-WM2foWBUz7LcglU_-Ui-eJxody3-RyhhXhysww2FwkYu57eZTsQAb0XGEP9MzJ-ijJ3ZG5YUKYlDbVATVD2Jvv88CGT4cq9hBtih54MKz2DZnXMP3RNpsnE6ywQ_FjL44yLDkgHknJCTlZXKRb6ZKFZ4vys6lqCV4bTtYwqrr3ylmufcNgbq0VHOXrukSm6VASWpXS8zX7ueaIK91324A4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1OCSxXI4or6wbfJIfMDtqNANZKvA%26client%3Dca-pub-4491659496372172%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Sep 2023 11:27:09 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame EB46 2 KB
1 KB 62ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Sep 2023 11:27:09 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame EB46 308 B
636 B 47ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 27 Sep 2023 11:27:09 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame EB46 293 B
621 B 45ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 27 Sep 2023 11:27:09 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame EB46 43 B
348 B 338ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=t3wQEiF2bVG4jTuYXFWpuO2vew52E_fRss2koOONcV_pgsc_Qn5xGku726rUuUSv0zXCz4bhiLlz2bvCD_vyUQbxTgEVZ7u0FB_mgDOzaDZBvMLage4OCecJKthVQdQtpgpRnupmbUilhV6X8yCEVXPU___NUaSTTWgOUafW27i5wM73gEX68PkX5-DsHeBB-EjVeg5MIwArmxURp_HJsa4e_nFjouBHDUN3GhHGKAfug7xm4qdsnejzDGlJ2R9tEftAEQAQXo9plZFCteXhJNvgJ3fE36-7eOSgLxcpsPtgNKs8E2-Syt5mv1yHGYuXBFM2DcZrK8LHHOgJiShPGbHVF-RCS1dcKadAUphWMJXfvl_LKwdqJFBmKbMoQV8FpVJBdRh-g0CFfZhrFo2Fk7SutCMSZLfBC1d_YSidTAYyXHPE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3407363
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame EB46 44 B
752 B 194ms
99ms Image
image/gif 2600:9000:2394:6800:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1664710028
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yzl1jAAExuwDoghPAAOI_Fc0VzSK8rWEBj8Ikg&u=%7CEwSj7nQvqNTJF%2BapTj%2Fs8VxJpxKrjF5XKQgB8Gkuzsg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfex4IY_JXoTDaPxAARcpbPoxbZrMVDvGb3h98Wznuy9ZJ7QMyBkIkunVE1cCC_N9ZYS7UEetJCEZbOXUBrxP1DOtnIe82u7lmxTHY_cQIECkPFgs1Pj4HQZAh0AVXXRlG0wXe--dopyXMcp76Pt2oXRjmE5JRDxTtL_ZHFnZBAYmM-Frz5_u9eJeuieuyBdUQeGbqCxdfUBnSd8QEV0QGxkPWUETuwRY1hRYKqD5MUYU70JRocdasLSp6I2q2IsSL9KBoVp_unfHlKHtDOWx0iBTvIG3-Gg_ck1Z0UCDpFz6MrHEQP6ZdM2SIGmr8k9a-vR-Kca0OjsaSOYucDo-0-PO0ZPJinra_dIWn57lTcUO0-QI7FJxtjOZoZwx3Zr9jMwdoC533hiAVLO-lQqonaV4dttAxRYavBARUQneUBi59mZjDYayZbpfcDEp2dICOZFgLstGmKRLq1XKqcs2dt_GVURp7UGhwiUhpGPHayzUR7wVPkrBUF88LljNOFKL9j-1LcCN6e63a-GXE2ClayTGY7xW59ccNurvTM2QXNy&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCU3_jjHU5Y-yNE8-QiM0P_JGO4AzJntKxXPXqoYaIAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi00NDkxNjU5NDk2MzcyMTcyoAHVttLqA8gBCakCFoTab7hxsD7gAgCoAwGqBIUCT9Cs_VlFMxfcVirHHG8O9wgaus2aXLvHf8z7ic36ZFx5FubNpBO9SRhO8ZSW_-Q9PGDC0YHZI99jN1DiDyKuIaNGRHF0Mr0r6ebBuSCdu9Asbo83NMTZGRGhLwLBvbM2Vnymad-WM2foWBUz7LcglU_-Ui-eJxody3-RyhhXhysww2FwkYu57eZTsQAb0XGEP9MzJ-ijJ3ZG5YUKYlDbVATVD2Jvv88CGT4cq9hBtih54MKz2DZnXMP3RNpsnE6ywQ_FjL44yLDkgHknJCTlZXKRb6ZKFZ4vys6lqCV4bTtYwqrr3ylmufcNgbq0VHOXrukSm6VASWpXS8zX7ueaIK91324A4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1OCSxXI4or6wbfJIfMDtqNANZKvA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:6800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
via: 1.1 4a3271596b4750a635e84d92a47448bc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: wnNrs-jUPOLQs4-napgL_noV44dxVnZhLP6jWEBOoeZRQF-qC9bTLA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame CEBD 106 KB
38 KB 104ms
23ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Origin: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14210
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 03 Oct 2022 07:30:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame CEBD 8 KB
3 KB 74ms
26ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfmxaWsgS2QEaz0BWcIof6mfC6CVwg4G3KnhRlqXDbcXOXJh1SbZcz_jl3AivFLze4bqU3vGwM8CWEqW6upKvhYcBN4Q&cry=1&dbm_d=AKAmf-AhN9AYWVW4T5hezmSOHZcagBgub98xJJP8GTP8LF1ynQE3Y-wvuYWdR5JK-MQznQ7qGrOwLWKH9wyASkWIBPYJowPl9LmuPVbvrKI0wqbx_mWjq7GxgHW0b-MZu8GcdJY_huiRgDt3j2VG8mpC_L-DVDdf5NImsFvbhDGgdoPe0ecVWuIrpa-AAgwsMVdJvaDEWHn0d6pU-iLu2jgRz3CpeIqVa6G4m6llt7IduJTvOJwyrdDstsgZM7_8yEmjnSe3JYjZf1Z5xPcnhiq0E36JyN2_Cz7RDcEGxhL9Pr0XDRh_kuinZ-n3tgktEOe4DUtBplUv6_C8jX8wCgO2GxhbXmMVXmXjit_M24k4S3zPHkh2g-auKZe1jlr-UuR7-NC7b7yLkxBXuPxhDzmL0VXn_LmKmRi1Z79gmv4BeDS1_cxzGjiKEhRLGtxaeGFuiY7PIA1ULeRXCZBFYz0UawSPUxfYfnNq-qlaNrSKuiUF0av2z3SDl6sfHyt1YjGf3Bq0_iECisehUPnKSKl7Dwu6MCNg5j0a6f5vJ_CX_xyewNaNe4g-TWMmYjatiyoPp_a0-UkCXFmUYAeIBr5tHVJu_csFsONMgCh6xsTMCOzrWKz5GN4KxIHDEgyR_FmDHhwTJboqQJO5i5P5VXXWq7MZr4y7sEgq_ErdZ6nahyDzSKWfa0mhBbx3Ps0RFqhGY9hML4Zrp_Bc3Sx093AJKvpeQL6zPrpDdRlWOIU4e4boHr8YS6YJKFM7nscEVUQUJ5Un4NQ1oRKKbasEz-jvy2dkDuayDxDNfFeYbdiHadt3i6ZwmDe7cMwCcCJ8wFAoQfiF5e5UGEHyG2IkF0RLAMkT5XsCCU6PzSDQmfXc6kiOgFTCtpPdg8VTQ9lWYup5cbESVeDfmB5lnrhG1lPxi-mcpbF5uHcy6EpOcT0ETrNOshp5B_f3eHrXfPG1OvZ0K4aNZK-QzFTdg6eEppW8BAd-ZaVw7-gkjex6T1yiXsgO_3Bpg4kuf-UrhQdalajob8kD_Eaoa8B7q9s5bYupXVbqv_I50Lr3bdHFdTw9e5Td1xgADM0S8AdG0bVZdqfPJxK2qbfbIglwfM-Ds72f4S6ZBeMwRduPAXvVt6XIWcMOBHuKRGE3ENA-YxLPOuJAAShNSl2EfodypXd8FdTR9_aKh9RGlzGHjNe4OQIs1-BbUenRHfojl2N9YkqTcIxgtyaaYGuzJ5VQaczRiUm06tkiaSYt7hyCB29XAQ04vR_e_IQFVmB3cSMWy3T-Qet3BF1ghusnMVy4vsn5P-d051q8MYgz3ysz5c9IvVSpx-A9dgsdkFqzuFyDbUYsRnVBJebAu7Ady92g0SWIhlUfRlwzFpEUhRg3QPFI5_KsOB_0Z5uxTd8eio0JIR2tyDUDCcLKK10_SbNTj4jvq-Ch9fFoxXtpwrFEK-nIW9mR5A5HYEnYR9zbvFSZFa5j75zDJOR5Y9-JEtU2tvpnXaUsqygX75iXnNo5l4-6QTxhv9_kSizIX1J44lZytowJwwETPUNioRxiuQmhLP56ULUHesL4JDnN2WkFOQddff0dYGJiAhrdEX7-sHAinI08LwQqUeoptZNB2whGTGyijJfX4SzjJfCCd9A5fdCsyEbpzlmU9kwUsS4766W5mZ94ELpyT9Z1725zfZQGwkMdEDovBbqbu0K8FnlAJ4xnp_RCPGqnhHwA-iVeYFsUZtywx93J3QpcKgQ9rOggShiq-KUYG_X7Z9m7sgsL1nFoFZFMMFePx2LjrheyhM4zQ5rZGVMuBh7wtjC00P3JismrRFGd6j_DZa4RCreF6fFitdqdzX_-2Zt9rbyCMYgaKA-nXFjgxY6x4L27BflSyuDd3Hyb0e7G2cB7hF-D_2XvwK6MC1NFrEm3L5DYICW_Od1eqNnXSZSYPCf4IJWEqh6GW4nNSycwToP_uQTnr16IgRCQFnTuFHiFluv5cMhf2RCDPMk8T7O3YexIIDvLAm-hvufuP-Ewnr1dDV7iNwMSuVR9fOl31fLR2q9zGAPygz7SxR5t3kKovLyk6FGeNxuE7_XgHFAN39wEmubp9JRF4HXW71G7YLxLIXqnBuUIEbLx0fHtoond7m_O6XNuF4GY3paFlWUhngXZXPPbPTIFgknDzO2EGN9gFJVWiKQVAizUwArkB-i2OgD_j_YI_iaVoUT8lb4Jw-agOagn50ONXEHXMdcFN6M6O4ZrJKOCox1aJDiqvXOVuzxOSCG0ka5HAdgudLvZoyBQ8C0yaGGWQLoDFWnWw_LmetwBZMM_ZrUUfY8YksKTPk9HO04n4885ve4WjhYPdrrccM9NlTCuPWd4arBrJTKrvV22BqTpKBSzS2UZVmdCwADgaltQNUVjSX0NxzsAbZhu8WKOpCaaeNeEia36F3QagknQOiUKCpJ6VbG4h1W3IssRfen1H-uFnra5q1XmQcwef2ImmZNdUjzMTbJIKMecrKCtn66Ejyeq-0CB__RzMVhF51HMPkDo6RbQ7sbj7EUlNpa515gV0ihfT4RFUIhEnUHdcTyKcSoUoTIzG6Fe3AHnHIj3eJNdTiaLSOYFdeP1RCICqh6Ndn4ML6ujBsvaYTMtVN41g9i0LuwuNvwWhAKs7xnxKWhighOub7ecevCoPqbNFf9cjjQOmjgvSEs0ur8CIjyHJmk5Q5iZelz9J5jxclkh7nadIOA2aWIXIsN_39kFUIoUbQBVFD6deMn4eBwqLtD4w5GC_O54OFCIOcuOzN_59OMN8KKt1I9Fvm4JimHi-WZ8zJbgMeUxq1uzeU-aDNJ2x3ARlugp7XCxU88v5Ol_tvR_9wQvxYbeveAk2-h71gZSvfla5vOhPKf3NzyweVfJLgbjgAUwLEDw1uZqPr7QzSfDC-b_tGb5-sr3XwysSy8UvotJHADK7GsxIbbHwEsK-gF42KmlYhzEUcbK2aLoA32iFvsy73LMxmbCXvk5Sv3HziAX93Dkx_e9mjldZKKnDxWCS0obrb39RRS5&cid=CAASJeRoS8kAsPW6BhbumEOoIjWBcZSWOKrTa4pTZpShxjePXjRcaqo&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 11:18:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame CEBD 30 KB
11 KB 67ms
24ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11727
x-xss-protection: 0
server: cafe
etag: 4188671789125589074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 11:22:36 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame EB46 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Sep 2023 11:27:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EB46 19 KB
20 KB 157ms
21ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=96&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=596&s=KScezSIvtzeBsv_k-DaI1HkO

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

077deca4d6403481d09410f5975dba17e496fc18fb1af7eb875c53c404a757ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29190389
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19853
expires: Tue, 05 Sep 2023 07:53:39 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EB46 1 KB
2 KB 172ms
36ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2Flogohidden-professionals-GmbH-97267DE.gif%3Feb%3D1&v=3&w=400&s=SY31qpkHa_4W904lxzxOMzNE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3871e6719f71319cad9f0c2b4f262518c8deb142d03078bd7539e5d72da33de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=611332
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1306
expires: Sun, 09 Oct 2022 13:16:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EB46 2 KB
2 KB 171ms
36ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDZH-GmbH-71233DE-2201071435.gif%3Feb%3D1&v=3&w=400&s=GdGTAr7UZCrAyx1v0-prh3mc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

65e821b53990c7e875f3a0c2ed1d78d9aaf42a0ac22e5befe5903e4e87faf931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1738783
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1540
expires: Sat, 22 Oct 2022 14:26:52 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame EB46 0
128 B 53ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=1btwF_xZROO2KeeuJ_tYRhCCBxpBGzG1buDSdCe6fC_exWUtLxCKyXkoJHZIMDR7IJKYE6_I-z0jDgbC8YUqGASUonUxQXmPaR_Te9wDKBh8eFpApaorVXZ4mrwtS6WFh5UwKzTEhdb0IuwV623iZcVJZH_F7MaHAxMaDgxt6FA-DHjvaxQgxKwXPvrSVK3tz12cLQ82HLLW585CIjW2YQJic3OH2k2DjH7Iv0CkEqC5pzhXwyG-_tRtTAnTv7WeanTX4g&sds=2&rev=82884&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 02 Oct 2022 11:27:08 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame EB46 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Sep 2023 11:27:09 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame EB46 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Sep 2023 11:27:09 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CEBD 41 KB
15 KB 76ms
24ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 18:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:03:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 36A8 1 KB
749 B 23ms
22ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 07:30:32 GMT
etag: 48472445140208031
expires: Mon, 03 Oct 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CEBD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d267706e22f2005d1354a95da7e577f62c2e0521691e4d56a508003bc00e74f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16599807781199218099/ Frame 4B28 24 KB
5 KB 81ms
28ms Document
text/html 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16599807781199218099/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0b15107c5614294d64e837ac09d5bfdf9dda1e645f820edd750bede7292735c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 427992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5271
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 12:33:57 GMT
expires: Wed, 27 Sep 2023 12:33:57 GMT
last-modified: Tue, 27 Sep 2022 10:00:07 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CEBD 0
622 B 92ms
55ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst6Jnc3xquKVswGmFjmtAkp3nw8clE7_94tytIYTBgAvB0pePfNUNGXAsG--E2SqKhAgwDxtJVjAOqtFN7DuLcsu7UfcyLBNO7ijVGI-BAT2JvLh8p8qhwY2brSX6Vq4eeS5C4MTBjfSDwqqqq_2lNyDftnIpRY_3F10SijiGteimSBUk1lMWVdlFsyXy_1l2f2Cb3XVlUdRO_4PCSg6eRt5RgQeUlr6cisZNWYxsgR8Z1T_oyRUuDWVa1xt92qpYM4CnXWs5Z7WwyITN8LA_BunuQZbMcvn0ET6MwE6rKZqYkfAVqm_tS0uLmSHAS3OCxpbZ1k63BQf7OHYYMI2ZzX0sCjJ3cMo2qWY_CylJ-25qKBqx1cz6t65tFHHiRKOIAPnezWz_c-gc0yg5Cfs5GPkVbQ-HIPuW4TyFr7ICELRmqCdpx3nDMv30-ysQCMib1QD4RCsixoyp0o8NiS5q5Ruunn8K1PS9zy2fLoZjvpYDIJlZd8r8j5rJZzdj2RtwXNmOd_cHKu2eAy4T7yQ2TDmmEFelDHm5wpgHYU82m7_TQp5OCni42WJV2LS2yQ0YV5zVIuMvGranuyKMajSA65KE864VLePgu8Lx9Y9TgBtoYh7SvpFpZqYNRAETulyaDowCLcrLhX6diDlICq-HaxLmoI_TpzkiF_S5rvJGWpYhDOngSdYXV6FxaUHJVzW__k2XSSdNxELW98Tptk4eq-yqCiyfkFUfR2n-Xi8ZD7hPh1Uhyg99JAuRRshMWxOW5r2QeNei6rrtMyYN7yEaefinuZ3hTpStt87Sw5k1sIFQO6gGPCLuSxrLKNmz2N-B2K66_vLWk00A0dJ-TAd3qSTyXVLOFt6_HdL0__vK_hymXyCHPLwHChOy_e8mqTXoXRw1podsFVxro9CA1SsU41k18igWvA2RZUPAPhBRJMOhNeYZaWvcnD_mlwu5nNQqt6lvZQM36BHC-VkLHe5lfy-ceIBFgLeFPL66tzZ87okqfmYBCkjKnyZMPZ532Pn8vj2bK1EX93hJ8MiDaDTiuYJ39g_CUC0A3Elqo50YcayHuTR-n-NIwmCn0CPccRHHJkVpn8SBkXtWltog0FGtYg063FCtlnx04SDzoJy93S3cP4wlXvJeNIwpgFk0CFecSgZX4WbUHIa4zlTQ6cJTvWfmO6K7oxGz-sCqaaZ-J1HB3Y_ovQ6nPqwpo7iwMD_ZRBS_bOxC9JajZsOseSjCES6JRue0Sk1RGx&sai=AMfl-YQB8eCFZviYdDkyG6t6m4gjhF_fbOitvH7zt2TBGNrHghCgsl0JZ56a98VtSzrIz6pvgZWrB5gv1wgv6EP7tkObYsFew2aIIPoUAFMUu3Bzl6Y6H0KRblSivt9DdW3iqINtMukmF4LgHkNx88S8GWT3Ji6amH-qzf-HNld8F4P2Lg-FxqJ38WEw-_h0mrPncQECh3BtFT0yK9uX5f22TR21rNq9kkKR6Utr4VEujz9CPbrPxw&sig=Cg0ArKJSzK7gYDb06RJkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=158&cbvp=1&cstd=155&cisv=r20220928.46186&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Oct 2022 11:27:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36A8
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMRYilfUNuxI9AMASZojQkw&google_cver=1&google_push=AZmPxg-rAKl0eIM0tHm5ELLZj_yaNOuFYu5hty8zxlmR2zLSXh10lv-EPq...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-rAKl0eIM0tHm5ELLZj_yaNOuFYu5hty8zxlmR2zLSXh10lv-EPqQb3PUm_tLMBX6OMXGREpG_1gbXED-GMDv2WEAugboI&google_hm=GJ_ft5pcHWXr...

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-rAKl0eIM0tHm5ELLZj_yaNOuFYu5hty8zxlmR2zLSXh10lv-EPqQb3PUm_tLMBX6OMXGREpG_1gbXED-GMDv2WEAugboI&google_hm=GJ_ft5pcHWXrwBQowb-1kg

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-rAKl0eIM0tHm5ELLZj_yaNOuFYu5hty8zxlmR2zLSXh10lv-EPqQb3PUm_tLMBX6OMXGREpG_1gbXED-GMDv2WEAugboI&google_hm=GJ_ft5pcHWXrwBQowb-1kg
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 36A8 0
104 B 171ms
24ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEATJnN3DzzAVvToIp-L85Z4&google_cver=1&google_push=AZmPxg_igKeN4M5KUEtkDzJxGQOpVm8_B6GC8c1uXuNsTw1CtoSiL04zPhTJ99zxCqcdp6mEWUwEhV2TFyOjBUmSIvAAsUqMqGED
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36A8
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESED0QkvWjSar4C4T-2IHn4JI&google_cver=1&google_push=AZmPxg9id4V_4OK5wqgR30RlXM_M2r6s2-9-KMGv1S-o7EaVgU45-PHRH6A-O-gKW0vf3ingLi2DZgpjMfEYUxcKcGFZQQga-ic
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BB5F013D0844418D8818FA1B516D05E0&google_push=AZmPxg9id4V_4OK5wqgR30RlXM_M2r6s2-9-KMGv1S-o7EaVgU45-PHRH6A-O-gKW0vf3ingLi2DZgpjMfEYUxc...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BB5F013D0844418D8818FA1B516D05E0&google_push=AZmPxg9id4V_4OK5wqgR30RlXM_M2r6s2-9-KMGv1S-o7EaVgU45-PHRH6A-O-gKW0vf3ingLi2DZgpjMfEYUxcKcGFZQQga-ic

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BB5F013D0844418D8818FA1B516D05E0&google_push=AZmPxg9id4V_4OK5wqgR30RlXM_M2r6s2-9-KMGv1S-o7EaVgU45-PHRH6A-O-gKW0vf3ingLi2DZgpjMfEYUxcKcGFZQQga-ic
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 01 Oct 2022 11:27:09 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 36A8 70 B
264 B 34ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBw_6LIPeaajXlRQLldrhh0&google_cver=1&google_push=AZmPxg_0IDKyyMoZep0tBjMjwLGcLU52yv7yaR18kgBGZeK4E7dSc9hvUCZvE0be4uYsw4dc7tYWwOjH6BNZ5bLAgDPA-5g8K6wg
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36A8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENyPRTlrx5vMxG7mx_a3J4c&google_cver=1&google_push=AZmPxg9AOxf_undECKo4_F6IM0zu1HuR3CHGpNNz10v0GtMC6JkDnx7XhMdyyKNbWM5Db3zVNzSOMx-zuCfxVUhg3ofxsUg...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9AOxf_undECKo4_F6IM0zu1HuR3CHGpNNz10v0GtMC6JkDnx7XhMdyyKNbWM5Db3zVNzSOMx-zuCfxVUhg3ofxsUgUSJBO&google_hm=NDcwODQ5NjY2MDEzNTg4MD...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9AOxf_undECKo4_F6IM0zu1HuR3CHGpNNz10v0GtMC6JkDnx7XhMdyyKNbWM5Db3zVNzSOMx-zuCfxVUhg3ofxsUgUSJBO&google_hm=NDcwODQ5NjY2MDEzNTg4MDU4Ng%3D%3D

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9AOxf_undECKo4_F6IM0zu1HuR3CHGpNNz10v0GtMC6JkDnx7XhMdyyKNbWM5Db3zVNzSOMx-zuCfxVUhg3ofxsUgUSJBO&google_hm=NDcwODQ5NjY2MDEzNTg4MDU4Ng%3D%3D
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36A8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHOowOi1ef0QI5teBzLTMCs&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHOowOi1ef0QI5teBzLTMCs&google_hm=Yzl1jET6kH7tABQbQ_Cl4QAABJoAAAIB&google_nid=index&google_push=AZmPxg980ES9llccx3OgcAGLKiBF-F-OYreuq...

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHOowOi1ef0QI5teBzLTMCs&google_hm=Yzl1jET6kH7tABQbQ_Cl4QAABJoAAAIB&google_nid=index&google_push=AZmPxg980ES9llccx3OgcAGLKiBF-F-OYreuqfx6atmO98Bh_FtPWZwikeBbKEOlnbVthVOtiJdXK8mzNJuPws8X1l3szQVY3jWi

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=os%2FeGJs2qOaXHMq96Of0EFkfe8UCVMuvpC9CBevd3JdLNe55eCPRzyig7E3fevZ4GaWuO5WagYK4T47AOGpL8QF7X1VFemD7fdVpl%2FBUi3oyRTCmabissl65FNZ4Tdy7HdTOzHnd%2Bi3vEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHOowOi1ef0QI5teBzLTMCs&google_hm=Yzl1jET6kH7tABQbQ_Cl4QAABJoAAAIB&google_nid=index&google_push=AZmPxg980ES9llccx3OgcAGLKiBF-F-OYreuqfx6atmO98Bh_FtPWZwikeBbKEOlnbVthVOtiJdXK8mzNJuPws8X1l3szQVY3jWi
cache-control: no-cache
cf-ray: 753d16524f2bbba3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36A8
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPSvrVU07Y9spM1UQELzNmQ&google_cver=1&google_push=AZmPxg-RizerpOiQZXap9OI-23tCZdgq1m9Wz3fGqdoPNQJPZxcMdQcYsssb_tSpuJkwggg2NxDqayfr-ArR...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-RizerpOiQZXap9OI-23tCZdgq1m9Wz3fGqdoPNQJPZxcMdQcYsssb_tSpuJkwggg2NxDqayfr-ArR9X2p719SDllV3saL

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-RizerpOiQZXap9OI-23tCZdgq1m9Wz3fGqdoPNQJPZxcMdQcYsssb_tSpuJkwggg2NxDqayfr-ArR9X2p719SDllV3saL

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-RizerpOiQZXap9OI-23tCZdgq1m9Wz3fGqdoPNQJPZxcMdQcYsssb_tSpuJkwggg2NxDqayfr-ArR9X2p719SDllV3saL
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 36A8 0
12 B 16ms
15ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KUw4RucRhsHtJ7JXc_D7Sf8uv8dL71hzSIdb-6a0gN8crIAz6HPgjHxhcnigZ8rrxJd-1B

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 26D7 22 KB
8 KB 27ms
26ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 273741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 07:24:48 GMT
expires: Fri, 29 Sep 2023 07:24:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2CDF 6 KB
3 KB 10ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:08 GMT
expires: Mon, 02 Oct 2023 11:27:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E272 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:08 GMT
expires: Mon, 02 Oct 2023 11:27:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8D40 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:08 GMT
expires: Mon, 02 Oct 2023 11:27:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DFDB 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:08 GMT
expires: Mon, 02 Oct 2023 11:27:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 f73c45457c22640d145cf3a5c331a2b3.js Show response
s0.2mdn.net/sadbundle/16599807781199218099/ Frame 4B28 87 KB
24 KB 27ms
26ms Script
application/x-javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16599807781199218099/f73c45457c22640d145cf3a5c331a2b3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16599807781199218099/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e62c1ce9ebf68046610cd9b8236a32acce413a73191e18ddaf1a27e2c408f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16599807781199218099/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 12:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25021
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 10:00:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 12:33:57 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3E50 640 B
316 B 56ms
56ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhjZk-7LATAB&v=APEucNXnYmxZYaabI2pLjNt_Z3oQRai1k7I9TuM0D6A_Opnx9Idh5j2QDis8zmCK0DdVtbWAGDSj9-Xnmv35caZ_VEgpltQpt0QwGHTklM3evPR2X53EFTkQtpaR6I7ZU16C3bcCo2b_caKqt_4boNnTWc32O-VGGZ7bJwiUP0p6hqiRlmvVFkc

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2CDF 84 KB
35 KB 104ms
103ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_UAvSqWftVwsJUIFJ59t5fPGmkNuVTF-rt08n-kj8ueBFqlwLoXAKWS3090LQR9nBaQ5csK_udsd_0T1nIwBz-ErzDu1MMP_vT2ZFB3tvcEM_OgwUjeqM2U8F73azd2bZEiDAPMvrwXNsjvkJjumHbDbLDzpriOINIlkur76bLNPBPoY&dbm_d=AKAmf-CZx3JNmA3nRNg0xHw_Uifek38P9EIRJ4WO49sFQ7O73RIJH77Hx91Nb0TX5ERshIuPqJ1HQxjybFqYQ1MeFIU8o14g0ZK_0ZnNj7pX6gNBCEnraGJ1X4mCHI2-2sHVejPlcSCE-OSGftpGwxpjrJO8YDpiZexRYspe5tlCpfrs3Kc4T9pwUSc3BtvtID1ky97160aBMHI7od2rFczCJZ3W5Dapf_FlX5Fe3ZWnTHTdLZWzN4vtXF41xEEq-vSNkY-LNbsSwcdUXfoq1NuD3wFY7F-BFcPbLB6l2IXHjdEV4KvcmnCB_l4e9Yp-B-wsMwB0uXHTQyS8_IxnO8m7AmxfKVVdhwBIohWcm1F6czP10DwtEPGungcxEnqusCV_CHf0JF-IjxleXyfthG3BkLSZCd1wtnuKPbBNw8hAv7ERIAv4-MqFYIBUFZf6ugHnGFBjm0Q7EH-wV5kb6hFFkwZM3NfTFa9taGQAtW1X7LcBLm5RUkM7bcSmaHDRZuzIFk7320Eo6BG98JBkRMg-yJAM-4poREGFQ1xNEcqnb_Td-YBbNDWVoH_RUYfp_DZhFFxDabkQpoNcDxyHG2isUTgmNSwrKNxaKOkzoGtbcp_hm4q5kYC02ue2UiA2hV33QXxcyozX2NJVDBMVnwHr8ui-m90nhh_zutwVqGoD51szqsRzbiL0f598e4RZoroRvswA6rurzJcUnBgVgOVJyu8ZtXkOOKhldsvJypeIFRJagHJ2sWIcq9V7Wq2qP0SM70PoINX-xaITan_nfnIk4muOADSkA_GepNn7JF1cGwNqzKsHGJ_wrzXSXrtCE8fVYxS3FMyzyCp_MjLU8Gu8BelD0Ci1GbcyVxLA8pHL-eObaLhAZZ48mBbr0DTJnMcaMx21J9fQ5_nMQdJV0OAc_QIK216ebTPh9Pu9RYAKNVe67NAkzuPj_vB_VPGNGCaGSdKVXonBZ06ysVjgQmRrI-CpB_rskR5rC6ZZqAhb-3vsl4G8LisKe5Kr-6_CCshFMF3oiTrlaYfTicBRUcwZqJZE912DwzdF7T75yGZnrtrXR1bLl7_PDYBEn3Sj-N4GxZVARth5jrpJHZQw3hbYmur6tulBXsg9FL6VHPQ0lQVs4nWLky2FEMLw3iwbwEHgFj3-FJWJUCavwyCnpL5bHsXzA2M5nuez-PyvAnx_mj9_HEkgWb3LsT95wVxiTKeb2jVMWYxClFIbx7jJtsbG5F8D848l-6FWw9JBLNttCDLE3D0nAdVnLO3BX72i6YgFvr3nqkqHPJrW84OaNkPW6ZXJYKMEovCkFnJxqmTVzuoNRFTK67Eo79J-DsqQAmpOrRuR28gDXW69Ne-tq5D5cxaIuSPrB6OgFILNtJB7dAdR33I9Mad3mGi4HRqIPQa6vcVfiNvvDfz9lKJgWXj_fuEhivVbeSqWdflTtfQXmT0eOzXI4lQYjzjn_a_-1R-VLRu-lnLJ_3emo8fnDiMd0nLS_OqvyRjexvXKH8vvdZnHdGaxrvV2ntUh7dyHEp2WRLgrgBSE_ezDoMOp3PQPng78ymsQAtupMAIeeNYuXYxMsjsal2-XeZubT_WHC6iu31MdEe4z2nBzQBn4Zp_jmHtut48RkMCgV_WIjAk_KiDK9-Av1xi3A0Bo4lfABoIKO0Stmfusj5C9a9C7_Aa--vWDA9v4Scj85Zht1ZUv6s3XbIkCIgU8lVjGdZrYF-01uczQyu89NNpouUCojEZ7-2UhyGIWoZjMM-l_18iH7XsDjLmUBWsBeZxoty6oG8lJl3te1wkJDL6U-FbzC1lQhugEgId8NPMBdPiXOJwaBbYfdgfl_CFlOOkIFbc8_1EQg0xmD8_jDK5dt9YnQrUGYJY2NbcMrNtFsPTIlEMw3FklcoFYcSyTDJcVkhA0RnQo_UXHFeDwMv4cVIKs6ZkdsEdGr02oTXKPKLx4aNeJkb633zcEvFQa32QT5Hh9KDJtCnc36KgaMnH2wK-zLbntaB9-rDFvimTjrF_GI5_mz68PeK2U8iKOeDlGpYKcKTZRF89jPmItQMyDm89lAWM0BD1oEXSbBQLBb-c5TJNI84-rlBF0mbXwUI_vN7Y9FYHO83Lvz233ds5uK-s54q0m_tRx01kTn4BdLnr4VG2f8RndH3lGYSN43UbZzt-RdlG8SRZE1YRmYHFQJdM1PAhJN-XYYWgvxjEgKIKr4JLnLExMC6qEvMjSYHr1Ad97WLCb6Fq_Vcyq4w2ncSARFyzbyNODnGVDDVuHLWhVi4GvBFZ5gho7MploeczvyGQ3HJIljMOcnunOs97hPZKyytWTaCJnwqDKNApSwJiB2vDNiScuOhEaqpCcnKNQKEr3ru29Pu4mSC6XIIIcz9WmJ9b6L2wWvlQdfS8TH18usoxVv9aEQBZSJh1c6NuOGpH5z_SDYPicHHgIk_LamxmjuJJlQTc3FHA-WLnTXsXbFYz3UqdCqLPy8xa8ornRBWdumQgK7iXqtRqaE9AE9Yjut_B0zxcutIKSkYY7eiA5ujaA8H7nVDq-qUeRi4dIuvJp6zTAUqj0-F-0scF2Kk3noTEPDpn4qxIvkmMNcn9Ncf8pk1SwvVoqXciWIjSYHC5F7qmw3UJj86z6yKci9TeZdWEv8tpfF_PAt5TZaZeggvu_1YgMDJVDNaDQgJotgzRoqd9ttx40kOQy6FFvznWUMz2G8h6v6e7IEKlM_Vo15viJBrgyzbBrhD_rbl8rWGAiLoOJV5_3CNnOZ-zGILq4O1eQ89m8B5GUFHJ3QbAV8EKo-K6qUI20vU4wn1dJEqJ90wR42NbKdTqnkPFeV2DepTgc8M5bvvHN9mMFssgU7S6qo7XBoNyU_cInPWlvwF2Mc-IIC_Kv_3jDeQF8pMCFyF2N7mDfmIitMliqcl3xIcJ4xFa3i0_BldFNOuREexysctJlaqynSHBNgEdewwSV5LZH589qMVMB0hYPrM73iSjIl1tvEg3bV3PdBNCjHHFWMWmoWHWUZkfuf8s_2-Yeb-VyXTrbOi8Gx5ZnCJ6fIrlnUIT-X0-cFHnP_CHiNqJewEHWH5ygxWwYDPXTnHpUYdFVA2KKWPClyYTo_MjaTTgUq1bh-3MVVYfGfstnUlqnhdgrlmzgrjPJbPwV_UuvK7JCRXW3E9Rm8A&cid=CAASJeRoGsVDiShraDazuIpa_dt4j8LS-A9qZ-P5wuzViFo-pjQnhTA&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c01e4a2a6450de9cdbad7b924133b85b8e15178ece6c6c3b181852d61f876ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CDF 42 B
63 B 56ms
55ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A4hHsosZUimNnp-etpAfHs6vLety9pHJ_4XfPhs1ClZwFJMv19ZceVQhBoFUPxveXFX1mJ3-t4ZNlei3hXToA_ZIQlr4SZeEml3un78bhkUQna9EE

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 2CDF 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 10:31:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 2CDF 17 KB
7 KB 26ms
25ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 11:10:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2CDF 0
0 44ms
43ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOP9lCuCbOMqgM5C9Ll0qUXpf09K9sQ_A3BHmP2Sy14wSjt-R1qveqX5yvmrSsMZiEMJULruIiH1ZupqsU875EkAZp3w
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2CDF 140 KB
44 KB 116ms
115ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 11:27:09 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 8205 170 KB
52 KB 105ms
103ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yzl1jAALaa4KGB2UAAv9UOJBOzUGXRKFUp5U0A&u=%7CEwSj7nQvqNRxxavMM12zGjX9ilcTnDglNURaLKMjxmg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YjAjDYKP7n41DcP1gPNJLGrwwfD4wQfIxYe5AW6QngModQTWxCkXoz5pqlNFft6rqV9mmWxzVbUCKYYy6OjqqNkA3H0EObGas6UqeipthUgWKg-yHy2HCwguzZ3-XFCc1bTRZWii7VFaX7x65L3W7FwMmnXx5NM-q9aFJsiQWGPmfGa1fw901zDZAfQZqpJt5VsYAlsAB9sBDJn-qX98I-aqLy2TSHODSycvMYZ3t0fXnyZJQqYk1beSnaU4AAEMjwbWpfFy-xdogwwg1gXcZ-_ex30vGrsGc_sKiNFZXS9YSaGhcfBalofezw8o2z8pA3rwhG3DYeEm_iEP4QT_d9PYWRlNNpvbCnQ4hFJ4p5qgqSpm5QVy2KmbUZ8GWly5L1-Q56rCPuP3DzPcHIm7gcAsrwCv6UmYpU9L8sNyeURN0WUlY6Q2RC93K4ZmCxygaAFH6PicV74yMWfCxQ2caneREP4ZFUwwo3SjYLad5_JKw5tKz7E8-hcEQcLQuw0ujm-uew9V5XTlCX-mzdusMgJ5r_xoS1i78&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVCI8jHU5Y67TLZS7YND6r8gGyZ7SsVzV9uLWkwHAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgT9AU_QBbtIBsVHiFfCzJbvdbM93KPRcnZMyXuSpjFbP6qAh1G9jRdkQharrFVLk0VK4_b-zfSDBSvqXUE94lqSd17UwPIgGfiCc6XFNsYUdkUo29YxN8Vtlc1o8D8XeIJ1_64LaOQs2Z2-PiHpZahoySTrd4rvL9N-QqixNEl1zlrIi7DuZs-zWDOhkcieNZYFCbbq1iEWOEOHUY2aFCFN4TmAjN9ovc8htgeWCHx8rj724tY-uFKEneCGJA-mQv0XRJcVEAqwkyi7A94-vwtYjCcCd6sg7aL7JgPFqQcskvrN54krX31-di3ovkDw75rK-9ZWouSCFBo5dMrI7ArgBAGABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CruQxdxqHTOSJfcMcPp23WawTvA%26client%3Dca-pub-4491659496372172%26adurl%3D

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7f92f686742cccb104a91283a723ef0a5980217cbec2a01bff91666363b02e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:08 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=n7cN6vxZROO2KeeuC_rz_a2c6czvjYmt6YMBwfTG0gMRiw05Ao5z7J1bKn7ciLiQcUVhedVfn5AItbssnQOM7q0EVoGsXTNHAbiTXjSuVDthYHFlFLnZyay-FLfCOYcDecO1JEgJJyjYc6azl9Gw3e5XLHtjGmpGliJOOCXoNonsiclTzc99y8zktqwc7vQzf6yOEeaERS0-4teWmzzV36hIWBqB91dpDYGPmBmHCVUU1d6HV-p8KtoZDK-dYfhdC1VUZQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 86348572
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame E272 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 10:31:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EE6C 1 KB
749 B 24ms
23ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 07:30:32 GMT
etag: 48472445140208031
expires: Mon, 03 Oct 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame E272 17 KB
7 KB 26ms
24ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 11:10:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E272 0
0 46ms
44ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNcSUjCmlHGIH9uheVhhb-RdgyrX7oJwpfbMz15pQ5Nk6RoPYYU3X5S783NixcA-e034rnTOMAqYz0YybyJ5bSJwytYw
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E272 22 KB
7 KB 27ms
26ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 15:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Sep 2023 15:28:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E272 140 KB
44 KB 220ms
219ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 11:27:09 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A511 640 B
316 B 47ms
46ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYqOH4xgEwAQ&v=APEucNXOi9L-bzlsPLM7pGKE_zhGrxeXUQXOBu4xXIYTqvZXT57b_PCEjB7r4Ixp8OKpfgiG3Qrwlr8ffUDCNRMwhfCFDExLur4fvvotDOXZaHe6UyErm5b8PeID4vhGAPdKsm2O8zoAZuw9qjpBnH8LLCr6sDuz-_Ci9etv-0OebXPKOut7Dgo

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8D40 85 KB
35 KB 211ms
210ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2IBBR_6poSDz2k92heKQ5r4YFaXxhiRRH5i0njags_c4tanRe6NzZD3biebQH38xjxvHvpGPlm7ZZ1utW7g34tUjwAi5h9VidEovrky2WSVsfeyx5M1IxwEzq4C_GQwjrMo8qe6i5NDIRSB8Eojl5Gj9biDxSnyFofTqaAPgrbWx6M5s&dbm_d=AKAmf-B4ULEswE4RvExpqWhoiVAZzyXjWrZSEaeFlaTJwXI-PMv2ktCRyul5FXoVINVbKkf3YftuwWejn-buQVUSBEQ9t0ZI1G6wdfJ1NMoVz2kIiVFNRUtPkYkX-odQcxGoMPEkmyV3-x3bJf1NSIRS3y8JINTKANbYiIF1pdg2pyUwN15OjR_92eAIoRCx4c4EYGb7e3KwM9V1tgf9lycwvAddlfeloY5SJlycG_J3Eoldusz6H1UHZjFcZLsLsrSZT7TiydS6HT8ucDI7Rk2AbzBnqIEuM_QWRbhjn6xC7N_vOUWVbRBVwJ4bj7IwY5Ef4aY0ScGy36zgZLW2L75O19NQOgho-DjNxRJq7fyD_ynqSFJauAZQc-Y9h0aHTuj9GthNh8QuqCgruwa8xcr2SHGtYOmgOmBCzsMuET5km8qyaU7JxYM3KFFjcqxaYCA2aZD1ZG1YrQP2zmyGB4P1ul6CdIAaf44gQs3iANeeVUsNll0tlFnM3Pc2ZXHAK-DXprbxW6t25YYhGdwSChF_wCS1d-KKJk84fNbnXXugYcbvSlYGThhrGShEK9cbyTHzpl5lBywuywYu0-Kjv7rLAZyJAYr5H8Imi96pTWuFS48eA92LWZO48VhGWx4UXUt1rsbDL90BESAQnsPX8ftrIL4oQQJ-0lLROudzye5fBgvLw3X8i2p-SXTv1wfCzwajapjq5yI7H-Z-d77HdWc5MlszQ1878iaZUAd3g55Tb6-6cTh480JQgbT83gvQHnPWgnI-PTvA3DBGgJbRJIhfelh-WAM-kBRP1FD3uD0jHkMHQANDqD1yHzGt6gB1rlkRLIvA_RoSyQ3frN1WEoX1165bQz_Y_XQlykPP3DPDhf7Td-lYK2uBIrWNcLhiVX1H1-_qJ2p2PwhOH00PWc0jaXFfuHfPdbbJ7w0qJ2X8RyLfQxRYqsx0OD2RhIgSX_xerBBCfLh8BOaexmwbOKFzXgN_ungPod2Q-VbINUC9ZAjs18XgyWRGP25tEwZ-hbIHsyNIk6Pq5PT9_TQkcBxafUztNqiscEXbG1LgoZHAdmW-LCIzAAUaT7tt78o2gy8mY6ekmURihoh22fGZiGUb9sD8LqLLsJ0k8m7lETCcv4MK4hwp4ZAaJ8k5caKrAOZgbpKj0QoyebSES9CDFQMFQANWw9zR6n8vbSMNNCC3t7vUS-0PzcCJ9XRRYStrqPY9RpX7MJHMw5O4EblLpQ5H5I2rnnE1X30SdJ0mnHyO2ZxDHvNwnrzNV-TDO0os4P9JjRw3LOOJeXPGP41AT3efi5x7C0prRC5DQfDI64advYf2b9OpRLXMlVabHl3rvpO6pG-1ws_fFilxStLKwZ-meT9YlSeC6joi7vYKLjh56a1Ip056Qf4E-70GMwhxLXUN0GlclUkmcoQKETX4WNvzHMQdBp5NYyI7P3Ha7yjhq9VHb6E-Lmt7JTyN31YKBXA4PINRlbZrJxo6uZ_vcZZoMU7aqaMBFZbHT6erXq2RBZAemNdQ--YBceWxMdWcFUzXcDd-XfF8Jn0GIPF5sMpUV9zL_cD2bAkvDSF_eME2P5zt3XEjqYJCo-0ZroVA6TfUh7lLIsF_9g1S6cOtrllAVjx1Pst9GzqyIryiGU5c1xQBHuF8bxKaodpR5mFptdN7Z9tPmOJ5TEPYWSxP9I1oXnRbqlbmI3APfEoI-G7KMexkKKPv_Q2OTkvgepgbZjSY9InxhlMJpHNxcB8zHZr7bw-F2CklMEiZnzw3YGmHhI9gXO5yHHLUml3aXuGh3UjZqM11EHlwyTjTzKiMjZcAt54cyDqqap1YUG3kv9H2UMM1tcedRdY2QUQ6PK6oH-m9yPFzm3iAn4vGZif4ZstrnSk91Cc7MTAq97NrTJ9jIcF4cj2yggJKEBQZlbrbg8mUnETK5GxgpzvBQn07s5WTgQyakTI5mPs1tMqQUaDCkHK9n7h3urWJbRRBfZJbdAC4o9ZAi7gQwKaU5kq_Lb6RtCEF42BkorfMWybIvwaBRcvK1habZoTzLG_WA8cZtSlvxeOlDU1YAEqCMKpHlpQZT0KSYcF1aq3WRWJWNbHi8BdhfnoC6tfVyY5RomiZyEFg_vQHzrjoT8pA7Riq-ZmdIcgJRITcUCJJd2llFtzaqAPLnqPrby3lkQJmFeCKHwHWLHAhoY1B7QZvj3FxqDe4CnbeuARwTfb9jxGY5-RB1M-SY8WMEWpK2iQtGMGJ1krb75cRRhhnbD0zrK3KbkLjpyUfCYP3eL-95h39J0-3mLtsnOmrLy9HODSuDeshyFXR4WFe7vH8tHgR4pcgGhBgkN2H-4ekPP5NWnzxPQbjvs-BozeOELP6FCo98IJQzhy4JBRldXkibbPzZvR12CK1O9m0pBxwsa5em4NZkC5DWMJYVN0VmIyGDygUFCnKlJrBht0N9jv5N5bLeN0r8Ywh97Pxi32Np1W5OBvaSyRrSAPZPexP045sq7XMMQJask5JraB6WbtN6AhN9tzX3oc7F1ENTbRNP5LFT7X05YyGGgWdlrAaZ7H_vZQNMIlQchfeJgipIa9x7dzQG7Iy7LAyge0a_CQgAI-4P2B7QvN-BWnKFpL-48oeEEFSu2-OWKWu5zBa5M3imq_ZTx8MKUCFfiDMnOrPqpVe4FlnEzf3T8SW9rke0PnYL40UVbMK39lyq38cNrRjk1JcG1tJOvL6ceGE-VoXhvyOafF6GWJxgKbeo8I5rPf2imsiFIPYzEwnCmm4bSyI4bE2njbR7-MAakBt6qDd7unUA1HX7lP1ZOiU8306REvvKYJ6cmQQeMiu7VSCxL8FebRPxFa_-yR5t5v8Qk9diUPEVju4JzfxtxhPHOuqW9Fd6YBM0n44SWNP-T-gvdL4K6Trsv2fQp2c0K7TLdNqlj7cZenMLnTZLkAe1_M9aUSYWijzhf6zWC9aMa2xkNVutNcsQmbhm2ecgabqEGXyjiScxo2m97moGzjvvBLgmRWMqOYQ5b3rdHmHsgBogdaB9p7TwUWLXvVQkpPm9kATsqsIRu5ULqi3nl7U5GjNI3UecllLuZBu5dwX7KprQDxeMRjMRnWcoY9l_WT2MMiNTQZIvnvzeN7Mt_39-7VLJsypDw0suMTEEsW8460lOK8jTtjuJe0j55cQ_jzbzhafV_JrHrGh_yN-9q7dyR2_kwfqg5tTezqa9VgZPFRxmDA1GPnXe39R1ucZBYOXHneN_FeMg4baIubwat7c0mA6UcqNaJZjuo8RYJcgXLScoT_tk_DPmV0i_jZZG-DFnG0V-F4Qo-FocFsPFvDEs1isPe4yTJZhfYEuHk1cDGPT-H0wuLLLfhjgqmY_wiZ1US4Nl63-Cna7rGJmkLSTmi22drsig5ieV3uptPO6wkuSIIDZBWo3hFFGvfS3wEvpVORGpQ&cid=CAASJeRoLk7P-nBw5GpwE4SXCQriWIJaukigfu8b7oRyAPWxnxPXYrI&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc0e2d09a7a39266009e09153b74555d2c43529fbf07b6b8f6f2eec6532ce9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35353
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D40 42 B
63 B 56ms
55ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CHbSTlXR2yJDHcQQpg4Jlj4zaeJiHtMnEQ2g_qXCW54hvHlQ_esdaGE4zD_W0YAhJnt92YKOzmWFMSoqGLX-oKgzBDL6NGRmmNK79gIyUk1EZYJgY

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 8D40 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 10:31:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 8D40 17 KB
7 KB 29ms
27ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 11:10:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8D40 0
0 44ms
43ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQw_V0jsPlcgZyrTH20NPfxqOY-CzgCBVt0uodhmt4Kp2VOPQgm0bMu6BknN4i2y86LCyYJkW0Z8XEdB-8s4cvjAhx_iQ
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D40 140 KB
44 KB 213ms
212ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 11:27:09 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 74F6 640 B
316 B 48ms
48ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAY98qx0AEwAQ&v=APEucNWaxaMpCZqUAq5Gp4GAcxkQ8ld0dJNeSOopLA3kndCdHFsXhg4W0Fsz1wMk8deh30RjBuYuKz0Na2KBqzLPR7bYAu942_Ebs9pQ7HLARJ1JDwB_2SGZAAzkrPs2nb4ytGYz4UE4GtHOUrHIFPMfWK0cOP9ZfBnUMQDCBK8bxH7NYv9BdHE

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DFDB 80 KB
33 KB 190ms
188ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANnvYdjFzDCORqp2EV7xjc2zEnVbMmzkwK7vMwhTpfZ-DwPeYOHPooHiPHJc0RLcNKgL9WC2YRppu5WiL5U7egr1yZCQ&cry=1&dbm_d=AKAmf-CNPct4xOLKdPvFYqwvZfEBP-IGkDyKSG6ePH7kjOCCN79Twz0ZKshWUSjQ-idXBxPTy7D6u9W9xEmmoDDnVHadfhhZhupy3uD95mPKR_kxV3RGVBT2urPnTlWJkDKCvUnSUSDkY-mb0yBbSFC1JQ0wK-8g3xgUmNgB9os18laZlu4CYJqTI9nueYHxbnSndF0fA0l1yWTzCBle09xi-6q0Eel-kodAJ8DZcxeOBXkFzG2xgIsZXV2c-lgI-832rPnRS6FxJa3Cgc12Z_cUkj7ma1C349GcgWNmsfoSAZvBG0I1WfzabH2O6ErMlwIZkBNyJtZlEPbqFT0RWtFAaU7Ly8q7MTTgdUIxEMlf1uuYCs5OgLTpFqOwft_48t_OLAOHhHTv9cy8og7OXo-EOZGwIHQBR_Yb02R8m0ICx_BNJG6ipJzW_lkssBiUDCc4zFZwlpLBaO_fC7PnL-axo3GGuKzXwquZHd9sXX01nCGS6Zt-mZV9pZd17pDxAHrB1-rPz05rp5d976JLGkAOvPI1kWs0zXRDA3sVc_SDCr0d44wTXbzCXLaTvczpXi7E_enzAbHv5wc_Ab_L-YRD4EDIwrOsxU3SIIKBAQv23Av5EputGNEwWdOSZMCWp0yyRB3E9QvmC2Yib7ncw8AVKWgu-GgrEu2oh9BWQHit93HRFGXSEzL6Rbb8vdw27_v6ZaE9Vi3NDncPoiCjdsJeTDE-jW7QwbXSj8NiVoWNeKTzFTICupzxdq7m_jIsz0DVSTnT8J4KsQZVRF7IXNfezqBsfSTpsAEYOWWzt9IhlLvdf_Wb4FoZ6xFlKdQaPEx8kniW29-s9VywHeGoS7X8TWJJXfyIgYOvBS1dAbGkk0MFuVna3pWeZp3L_xbaiRvnom46GG3R89OnMlHyuZ5X4elIt4xcIefXSRvvt65Ux6mGGsqzzvjE7Z6D6WAXSvDZGOkq5RR7lZHqMiXKIx0nQsdv0G9EbeRBO9PdWbMopvtMdSuAgiOPIUM2uQhi29GrjzP52EFim09OrMU1jL322sSoCgvSADSaubD_-xKPSF_P3oozyooD0sAShEAeEeHvukf2N6bXLGOXwneEG_xZtLQ0tYgvrnZZpHgGaWMLCwLYb7U0LtSrpClF8e_sRsn4GUE2jvAw88-761Q9MYN_LPkG6bMJ2Jvv-oDcp-S8y8QpqAHWX3jY7_2kRh-w-wFYvLyssXIvEJk9S_YM0dD2iEEiNA2tzg9ouyErX6Wp50c7o5FsS1X-ZL64FmlcVlKYCVhOjwF3nBiqs06bku4MOWHKyP7JSkXsxlumqsfaZV5VTx1NNR5K9BveYjhzCbyeHWrbx2fg1daruD0VF10byTAZW7G84NhgReQksr-Vkn1lfUGpGvxyznNLlGHN_onpx4-CuxmTG1wAIVyGtZ9bWvq_TnFDzZZoQSPS0ylnzgBFOpTWcnAJvzysy1vHRdOtQM1Re7h2-lKrfA6XQwP0Ws7hVPanK2a10p40LyMsuZBEbQeFS5sy0U7TaRvElXFb9at0FfBEpAJYZT2Xl0lwq7c3Qa5QOMGFjWlt_0JWL385k1RMn5XaVWym7WiJnJxsyhB2p_gItATdmUbYPnCR7IQAw9ohgCda_Yz-j1J5-TzpwNt0ygFA5DU6iSbcZ8N-NEOO800pBM0761SohJaFJm5Qn7hhK6a79QD7jkbTRwTXdTGdZjD0O9nLGUppQewwfNsbr22U9huBxKNRdzJz78NDYsevRVlpKCOBCCMRoujuN7gZcte97_JhMYB0LaMGxpUIvHUXJwbp2Lq9kHVJKcL8TrVZvGOVhOuksBd7u4A9vO2BPLNTW4FvASHAIdcKraDqBnny9sevSVqKI5hWOJ-Q6iyAon8UIBJZzyLW1BF4BC-rB0f69jaX-5Zv5sZsE_ga7MMIBjRqLlEX9GTxwr4-pqOrCHgYgI4NaVxY2rmUhCsE-kUhIH-UruduzAe55k5caBr8ZQ2-rW7WPbEqU11rIjiYRCwSicnJowPTfLB9Vcn6UypCocJDn2U0xs7THcC8nCoJ_j69sWcKO1Vv3nfBAY4NXbDpGwFo1_M8CId-0OOsrnlsD-RzIZAyXxHGXbgWGm4Ae9dL-UZSRk_4L-31zIuBkLExv6hnUL5ET9CL4N5HmHWCvCr81fcUBRNMFTxX9YQa9JkrTclH04fHUXCsW1qxuaPbAJ9LMGJSJnanpiOyFGXQ8uxoLyoKq-6k9fmR6OgU6vJAGb2WbNqiU7UdfFHKbCpkE23ZyE5lar1qCulBcThPdVGFiYzqIHDY3qt5cQ2N--mOS5FuTKHWEhf8gJiRqdBYxXgbbwuOKduXxon8bFq2owNXhAOcF82318J0jzS0nF-6qsNFPVQoZ9An5_x4CjHR1s_F4lDGcV0hmlikW7A9V_nDb3xxqBTHdwDpdnCloLU2JPe3Rs1Kzp44lOEw23yWwqNjYg3E8G3Sichx4CoEDYfPMS-E-niomxQ4ASmyV4asQH5FNU9M7oPfZMozTOxB5cZaU8ZQos8IM2311D2YweeqbZNvh_OdVwHlepai4YkxyUAbSEPeZYKmr3-VDqPMXtJ4PaLqLs0H44CYcFjusQkoPLPPU1klnAc4J7UwzH1OnE8JNqofTWy_bSCSsxVsa3162yBSzj_fW8XU6tGNmM8Dp91Kpe2r8JM6V15r4q0mDiNxKvGfTdnE-XsbeHTIuJxYn1ASV242hc-7-j28QEg4O6sqxlc9IL0HfA77SgEQ2NAQCVPusffWL3pi061jvKqJWAzMxgcg6mNfE9zMLqCtOwF_olEjxMUjBznlcrQrsv7d2HzgYehOLiUC8JiImxxns4gdByZp0m4KworH6-7vjwkOgAfXI6ZL6VSwhg-V3y7jhme9517nT8jFNiSp4OuxVOnYXvDTV0-U0vsq7OhqzdXL3F8jODBZnjU4J8vjAYfkcN3ke45h5diPAA5M0LOoCWSd5uBY3MhnmtiCLRd0UJgO3ZwODYNI3icykappZ_KN9gLHj9w7VdmLEipVoQ83t0QKaOExgizNmUtwnGF7FY1irI_5Mk4BHv7wHN8FDEIRChYbvbLv31HcNeJ9rmDqegcBLyAYXBITLAZJUVGvAOYsxA94mPb1dVRXIFD6o1to58qZ1S2SSzsoS6CxnjeleXCKlh0SW2S-STaELXB0Z0KQ3rFIUMBdvSQ4zAWJBWq5xpnTm1FfPoWDeLWu1GPDAXcUmgLgZPFZvlCo3WpFBkVW5OJu6XpOsNbF&cid=CAASJeRoej041g-2IcYdZdPTkSQ8tPA-w5yb6kFcWUux2WgB3vUHsxY&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

726ec0188b0fd4042603136faf9c1f8a31182c7c0e29b0c712f0290ee2bee500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34216
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DFDB 42 B
63 B 56ms
55ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BZhP7tqVvLiZaSRePZGizVu6n4Tcnbc7NOZucZZypU5RDH0Zg15OPB7fs45Z8kSZ-y9F7EFXakpA3vA4E2VqjNeQGPEnTJ3mh6LhtXkF4cXe3hwAs

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame DFDB 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 10:31:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame DFDB 17 KB
7 KB 29ms
27ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 11:10:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DFDB 0
0 45ms
44ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTEZf4t1PUQn0oh_6Sqgx_k7lTJw_9tb0NGma37BkFa_AIu5JMBBX4E2Qq-G--gAKPGCcjLZyMoIsLf0EOs0BgiVDEMZA
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFDB 140 KB
44 KB 208ms
206ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 11:27:09 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E272 0
0 64ms
63ms Fetch
text/html 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFpbWjHU5Y67TLZS7YND6r8gGyZ7SsVzV9uLWkwHAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgT6AU_QBbtIBsVHiFfCzJbvdbM93KPRcnZMyXuSpjFbP6qAh1G9jRdkQharrFVLk0VK4_b-zfSDBSvqXUE94lqSd17UwPIgGfiCc6XFNsYUdkUo29YxN8Vtlc1o8D8XeIJ1_64LaOQs2Z2-PiHpZahoySTrd4rvL9N-QqixNEl1zlrIi7DuZs-zWDOhkcieNZYFCbbq1iEWOEOHUY2aFCFN4TmAjN9ovc8htgeWCHx8rj724tY-uFKEneCGJA-mQv0XRJcVEAqwkyi7A94-vwtYjCcCd6sgr6DatIRKNRSTDu5uN7SNp3RqfJvikFhyW1L3XSTpvMiakbC9Z3XgBAGABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=_Qcrzct5hYQ&uach_m=[UACH]&cid=CAQSPACsnQUxBGR4bkU5xwG26zgjiutvqg9d83J6MnDt_fqacl6mEQ880tk4pcRt4Yd8l4SAiEFICc2JqVAkUxgBIBM&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.39.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bud02s39-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame E272 0
0 47ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFLr5RKwCkAOdg2ICAgAAAI9v_qchM8M6UwfGnGMh-yoQjHU5Y_nW0EWDID1zEXu8ABIAAA&wp=Yzl1jAALaa4KGB2UAAv9UOJBOzUGXRKFUp5U0A&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 298214
content-length: 0

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 26D7 36 KB
16 KB 25ms
23ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 19:20:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4B28 4 KB
1 KB 118ms
44ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700|Roboto:500

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16599807781199218099/f73c45457c22640d145cf3a5c331a2b3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f024141ccf910073696d2264ba468081a352ebacc30448a5b94d2790136bbbfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 10:05:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Oct 2022 11:27:09 GMT

GET
H3 200 516e89921006f00cbdfc873ca44126f1.png
s0.2mdn.net/sadbundle/16599807781199218099/media/ Frame 4B28 56 KB
56 KB 29ms
28ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16599807781199218099/media/516e89921006f00cbdfc873ca44126f1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16599807781199218099/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a944a1c75112a08d803a93c4a8bf8e4b24710ce1b2dd0e24fe365b4c82ae6d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16599807781199218099/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 12:33:57 GMT
x-content-type-options: nosniff
age: 427992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57625
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 10:00:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 12:33:57 GMT

GET
H3 200 06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/16599807781199218099/media/ Frame 4B28 5 KB
2 KB 28ms
27ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16599807781199218099/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16599807781199218099/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16599807781199218099/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216858
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1998
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 10:00:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 23:12:51 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame EE6C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEDhvWJzdp8lrVf_4aL5Dczk&google_cver=1&google_push=AZmPxg-wXwcweEbboCHPvLHMh-pk09v5b-OVtkvlNgPasYT-IuugUBx6Xw8H8uDb9328nzJ4b6KLMOqON8VFTyOs3bd26K9bxGQ&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDhvWJzdp8lrVf_4aL5Dczk&google_cver=1&google_push=AZmPxg-wXwcweEbboCHPvLHMh-pk09v5b-OVtkvlNgPasYT-IuugUBx6Xw8H8uDb9328nzJ4b6KLMOqON8VFTyOs3bd26K9bxGQ...

43 B
414 B

186ms
170ms

Image
image/gif

2606:4700:4400::6812:230b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDhvWJzdp8lrVf_4aL5Dczk&google_cver=1&google_push=AZmPxg-wXwcweEbboCHPvLHMh-pk09v5b-OVtkvlNgPasYT-IuugUBx6Xw8H8uDb9328nzJ4b6KLMOqON8VFTyOs3bd26K9bxGQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-wXwcweEbboCHPvLHMh-pk09v5b-OVtkvlNgPasYT-IuugUBx6Xw8H8uDb9328nzJ4b6KLMOqON8VFTyOs3bd26K9bxGQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 753d16556e0f9b5d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1333
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEDhvWJzdp8lrVf_4aL5Dczk&google_cver=1&google_push=AZmPxg-wXwcweEbboCHPvLHMh-pk09v5b-OVtkvlNgPasYT-IuugUBx6Xw8H8uDb9328nzJ4b6KLMOqON8VFTyOs3bd26K9bxGQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-wXwcweEbboCHPvLHMh-pk09v5b-OVtkvlNgPasYT-IuugUBx6Xw8H8uDb9328nzJ4b6KLMOqON8VFTyOs3bd26K9bxGQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 753d1653da279b5d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 503 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame EE6C 0
177 B 119ms
7ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHwnl4ursZTQMxKWfohqc3E&google_cver=1&google_push=AZmPxg-IhVy2POwGlin06NiMor21ASPGWEzriAPwr7PQADzoTzJyF2EvhxFs8TKpXlfWaA2xzRkcvCyCHeRJZTmOrgjhPI43FdY
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 0
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664710030.502467,VS0,VE0
x-cache: MISS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4026-HHN

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame EE6C 70 B
264 B 37ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBFCY5rQM_aFVppRCE3Ly3k&google_cver=1&google_push=AZmPxg93ZXavnVHsYHRIMzC8emOrne3DyyXQ6Aze5rq9UHQvlDcO9GZCX1E6L95FLpSDcLMZzAcqTISLoamO8K1rP3QfTWZ7R-I
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE6C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOkyOg1ugcnBcSbEbpAlByU&google_cver=1&google_push=AZmPxg-E3LS5iPwoWuiaH0EA6DwY8jPOztGx-nHimZhJERbJMkHEgl9lvMcOSfW6Wnt3UaxOy0CQkwN9lA7Bqa...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0OTg3NTEzMTg5MTcxMDEwNQ%3D%3D&google_push=AZmPxg-E3LS5iPwoWuiaH0EA6DwY8jPOztGx-nHimZhJERbJMkHEgl9lvMcOSfW6Wnt3UaxOy0CQkwN9lA7Bqa8vuk...

170 B
188 B

33ms
23ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0OTg3NTEzMTg5MTcxMDEwNQ%3D%3D&google_push=AZmPxg-E3LS5iPwoWuiaH0EA6DwY8jPOztGx-nHimZhJERbJMkHEgl9lvMcOSfW6Wnt3UaxOy0CQkwN9lA7Bqa8vuk0FhsqjndE

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0OTg3NTEzMTg5MTcxMDEwNQ%3D%3D&google_push=AZmPxg-E3LS5iPwoWuiaH0EA6DwY8jPOztGx-nHimZhJERbJMkHEgl9lvMcOSfW6Wnt3UaxOy0CQkwN9lA7Bqa8vuk0FhsqjndE
Date: Sun, 02 Oct 2022 11:27:09 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE6C
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHjHc_tyCkI25ps5pgBgQFw&google_cver=1&google_push=AZmPxg9kpD-i_wh5cE8FRnknRcaa3bhicGqsOgO_OgRezdTUiq6AYf-oikkzmv3tkmKMdrxCmi31YtiwKF6L9Ffd9VyI...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9kpD-i_wh5cE8FRnknRcaa3bhicGqsOgO_OgRezdTUiq6AYf-oikkzmv3tkmKMdrxCmi31YtiwKF6L9Ffd9VyIWvclUX4&google_hm=f3SV9yj-Rh-HmWpdN5fU5w==

170 B
188 B

25ms
25ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9kpD-i_wh5cE8FRnknRcaa3bhicGqsOgO_OgRezdTUiq6AYf-oikkzmv3tkmKMdrxCmi31YtiwKF6L9Ffd9VyIWvclUX4&google_hm=f3SV9yj-Rh-HmWpdN5fU5w==

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg9kpD-i_wh5cE8FRnknRcaa3bhicGqsOgO_OgRezdTUiq6AYf-oikkzmv3tkmKMdrxCmi31YtiwKF6L9Ffd9VyIWvclUX4&google_hm=f3SV9yj-Rh-HmWpdN5fU5w==
Date: Sun, 02 Oct 2022 11:27:09 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EE6C
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEPp88BGKiDz4WHlDERtSwto&google_cver=1&google_push=AZmPxg_U6-oJmfk064B8L3loZdI1dvhRIKpWJFzB5Te7ybImhx-kqhQh_xTINKq2g_86Mac8IpzmkEUcrudw-Bw7ZkCcf-C...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg_U6-oJmfk064B8L3loZdI1dvhRIKpWJFzB5Te7ybImhx-kqhQh_xTINKq2g_86Mac8IpzmkEUcrudw-Bw7ZkCcf-ChxyU

170 B
188 B

41ms
41ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg_U6-oJmfk064B8L3loZdI1dvhRIKpWJFzB5Te7ybImhx-kqhQh_xTINKq2g_86Mac8IpzmkEUcrudw-Bw7ZkCcf-ChxyU

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg_U6-oJmfk064B8L3loZdI1dvhRIKpWJFzB5Te7ybImhx-kqhQh_xTINKq2g_86Mac8IpzmkEUcrudw-Bw7ZkCcf-ChxyU
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame EE6C
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECsHzovzHMVkBIrA9DFc-3g&google_cver=1&google_push=AZmPxg-6wRtCL1bW-FaaFZ3SSigPN1hCuat8QJhqZTJwAKUK1wGCPoCsR0xqS_s7MiJrVkh_tNOHA2EjBUJ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-6wRtCL1bW-FaaFZ3SSigPN1hCuat8QJhqZTJwAKUK1wGCPoCsR0xqS_s7MiJrVkh_tNOHA2EjBUJVJq-LVkSNtwJ92-pZ
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

13ms
10ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EE6C 0
12 B 19ms
15ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_GO0lZ9eJAMQSfC4gJW2HP5o35tP2ZWLMmY-kahm29I8rIi5HlJIkhouLTLMxbSsdlvu1rg

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A511
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArz39ujfwYHWnaQj9kHVeA&google_cver=1

43 B
114 B

18ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArz39ujfwYHWnaQj9kHVeA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYqOH4xgEwAQ&v=APEucNXOi9L-bzlsPLM7pGKE_zhGrxeXUQXOBu4xXIYTqvZXT57b_PCEjB7r4Ixp8OKpfgiG3Qrwlr8ffUDCNRMwhfCFDExLur4fvvotDOXZaHe6UyErm5b8PeID4vhGAPdKsm2O8zoAZuw9qjpBnH8LLCr6sDuz-_Ci9etv-0OebXPKOut7Dgo
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArz39ujfwYHWnaQj9kHVeA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame A511 43 B
131 B 63ms
19ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYqOH4xgEwAQ&v=APEucNXOi9L-bzlsPLM7pGKE_zhGrxeXUQXOBu4xXIYTqvZXT57b_PCEjB7r4Ixp8OKpfgiG3Qrwlr8ffUDCNRMwhfCFDExLur4fvvotDOXZaHe6UyErm5b8PeID4vhGAPdKsm2O8zoAZuw9qjpBnH8LLCr6sDuz-_Ci9etv-0OebXPKOut7Dgo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame A511
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESELVoEu8gO5lLLcDiYJpgnDk&google_cver=1

23 B
172 B

273ms
159ms

Image
image/gif

104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESELVoEu8gO5lLLcDiYJpgnDk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYqOH4xgEwAQ&v=APEucNXOi9L-bzlsPLM7pGKE_zhGrxeXUQXOBu4xXIYTqvZXT57b_PCEjB7r4Ixp8OKpfgiG3Qrwlr8ffUDCNRMwhfCFDExLur4fvvotDOXZaHe6UyErm5b8PeID4vhGAPdKsm2O8zoAZuw9qjpBnH8LLCr6sDuz-_Ci9etv-0OebXPKOut7Dgo
Protocol: H2
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Sun, 02 Oct 2022 11:27:09 GMT
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESELVoEu8gO5lLLcDiYJpgnDk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame A511 23 B
172 B 272ms
123ms Image
image/gif 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYqOH4xgEwAQ&v=APEucNXOi9L-bzlsPLM7pGKE_zhGrxeXUQXOBu4xXIYTqvZXT57b_PCEjB7r4Ixp8OKpfgiG3Qrwlr8ffUDCNRMwhfCFDExLur4fvvotDOXZaHe6UyErm5b8PeID4vhGAPdKsm2O8zoAZuw9qjpBnH8LLCr6sDuz-_Ci9etv-0OebXPKOut7Dgo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Sun, 02 Oct 2022 11:27:09 GMT
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3E50
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArz39ujfwYHWnaQj9kHVeA&google_cver=1

43 B
106 B

30ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArz39ujfwYHWnaQj9kHVeA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhjZk-7LATAB&v=APEucNXnYmxZYaabI2pLjNt_Z3oQRai1k7I9TuM0D6A_Opnx9Idh5j2QDis8zmCK0DdVtbWAGDSj9-Xnmv35caZ_VEgpltQpt0QwGHTklM3evPR2X53EFTkQtpaR6I7ZU16C3bcCo2b_caKqt_4boNnTWc32O-VGGZ7bJwiUP0p6hqiRlmvVFkc
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArz39ujfwYHWnaQj9kHVeA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 3E50 43 B
120 B 58ms
20ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhjZk-7LATAB&v=APEucNXnYmxZYaabI2pLjNt_Z3oQRai1k7I9TuM0D6A_Opnx9Idh5j2QDis8zmCK0DdVtbWAGDSj9-Xnmv35caZ_VEgpltQpt0QwGHTklM3evPR2X53EFTkQtpaR6I7ZU16C3bcCo2b_caKqt_4boNnTWc32O-VGGZ7bJwiUP0p6hqiRlmvVFkc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 3E50
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESELVoEu8gO5lLLcDiYJpgnDk&google_cver=1

23 B
172 B

209ms
163ms

Image
image/gif

104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESELVoEu8gO5lLLcDiYJpgnDk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhjZk-7LATAB&v=APEucNXnYmxZYaabI2pLjNt_Z3oQRai1k7I9TuM0D6A_Opnx9Idh5j2QDis8zmCK0DdVtbWAGDSj9-Xnmv35caZ_VEgpltQpt0QwGHTklM3evPR2X53EFTkQtpaR6I7ZU16C3bcCo2b_caKqt_4boNnTWc32O-VGGZ7bJwiUP0p6hqiRlmvVFkc
Protocol: H2
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Sun, 02 Oct 2022 11:27:09 GMT
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESELVoEu8gO5lLLcDiYJpgnDk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 3E50 23 B
172 B 291ms
168ms Image
image/gif 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhjZk-7LATAB&v=APEucNXnYmxZYaabI2pLjNt_Z3oQRai1k7I9TuM0D6A_Opnx9Idh5j2QDis8zmCK0DdVtbWAGDSj9-Xnmv35caZ_VEgpltQpt0QwGHTklM3evPR2X53EFTkQtpaR6I7ZU16C3bcCo2b_caKqt_4boNnTWc32O-VGGZ7bJwiUP0p6hqiRlmvVFkc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Sun, 02 Oct 2022 11:27:09 GMT
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 74F6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArz39ujfwYHWnaQj9kHVeA&google_cver=1

43 B
106 B

20ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArz39ujfwYHWnaQj9kHVeA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAY98qx0AEwAQ&v=APEucNWaxaMpCZqUAq5Gp4GAcxkQ8ld0dJNeSOopLA3kndCdHFsXhg4W0Fsz1wMk8deh30RjBuYuKz0Na2KBqzLPR7bYAu942_Ebs9pQ7HLARJ1JDwB_2SGZAAzkrPs2nb4ytGYz4UE4GtHOUrHIFPMfWK0cOP9ZfBnUMQDCBK8bxH7NYv9BdHE
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEArz39ujfwYHWnaQj9kHVeA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 74F6 43 B
120 B 47ms
19ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAY98qx0AEwAQ&v=APEucNWaxaMpCZqUAq5Gp4GAcxkQ8ld0dJNeSOopLA3kndCdHFsXhg4W0Fsz1wMk8deh30RjBuYuKz0Na2KBqzLPR7bYAu942_Ebs9pQ7HLARJ1JDwB_2SGZAAzkrPs2nb4ytGYz4UE4GtHOUrHIFPMfWK0cOP9ZfBnUMQDCBK8bxH7NYv9BdHE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 74F6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESELVoEu8gO5lLLcDiYJpgnDk&google_cver=1

23 B
172 B

287ms
240ms

Image
image/gif

104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESELVoEu8gO5lLLcDiYJpgnDk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAY98qx0AEwAQ&v=APEucNWaxaMpCZqUAq5Gp4GAcxkQ8ld0dJNeSOopLA3kndCdHFsXhg4W0Fsz1wMk8deh30RjBuYuKz0Na2KBqzLPR7bYAu942_Ebs9pQ7HLARJ1JDwB_2SGZAAzkrPs2nb4ytGYz4UE4GtHOUrHIFPMfWK0cOP9ZfBnUMQDCBK8bxH7NYv9BdHE
Protocol: H2
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Sun, 02 Oct 2022 11:27:09 GMT
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESELVoEu8gO5lLLcDiYJpgnDk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 74F6 23 B
172 B 271ms
154ms Image
image/gif 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAY98qx0AEwAQ&v=APEucNWaxaMpCZqUAq5Gp4GAcxkQ8ld0dJNeSOopLA3kndCdHFsXhg4W0Fsz1wMk8deh30RjBuYuKz0Na2KBqzLPR7bYAu942_Ebs9pQ7HLARJ1JDwB_2SGZAAzkrPs2nb4ytGYz4UE4GtHOUrHIFPMfWK0cOP9ZfBnUMQDCBK8bxH7NYv9BdHE
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Sun, 02 Oct 2022 11:27:09 GMT
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 8205 2 KB
1 KB 47ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yzl1jAALaa4KGB2UAAv9UOJBOzUGXRKFUp5U0A&u=%7CEwSj7nQvqNRxxavMM12zGjX9ilcTnDglNURaLKMjxmg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YjAjDYKP7n41DcP1gPNJLGrwwfD4wQfIxYe5AW6QngModQTWxCkXoz5pqlNFft6rqV9mmWxzVbUCKYYy6OjqqNkA3H0EObGas6UqeipthUgWKg-yHy2HCwguzZ3-XFCc1bTRZWii7VFaX7x65L3W7FwMmnXx5NM-q9aFJsiQWGPmfGa1fw901zDZAfQZqpJt5VsYAlsAB9sBDJn-qX98I-aqLy2TSHODSycvMYZ3t0fXnyZJQqYk1beSnaU4AAEMjwbWpfFy-xdogwwg1gXcZ-_ex30vGrsGc_sKiNFZXS9YSaGhcfBalofezw8o2z8pA3rwhG3DYeEm_iEP4QT_d9PYWRlNNpvbCnQ4hFJ4p5qgqSpm5QVy2KmbUZ8GWly5L1-Q56rCPuP3DzPcHIm7gcAsrwCv6UmYpU9L8sNyeURN0WUlY6Q2RC93K4ZmCxygaAFH6PicV74yMWfCxQ2caneREP4ZFUwwo3SjYLad5_JKw5tKz7E8-hcEQcLQuw0ujm-uew9V5XTlCX-mzdusMgJ5r_xoS1i78&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVCI8jHU5Y67TLZS7YND6r8gGyZ7SsVzV9uLWkwHAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgT9AU_QBbtIBsVHiFfCzJbvdbM93KPRcnZMyXuSpjFbP6qAh1G9jRdkQharrFVLk0VK4_b-zfSDBSvqXUE94lqSd17UwPIgGfiCc6XFNsYUdkUo29YxN8Vtlc1o8D8XeIJ1_64LaOQs2Z2-PiHpZahoySTrd4rvL9N-QqixNEl1zlrIi7DuZs-zWDOhkcieNZYFCbbq1iEWOEOHUY2aFCFN4TmAjN9ovc8htgeWCHx8rj724tY-uFKEneCGJA-mQv0XRJcVEAqwkyi7A94-vwtYjCcCd6sg7aL7JgPFqQcskvrN54krX31-di3ovkDw75rK-9ZWouSCFBo5dMrI7ArgBAGABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CruQxdxqHTOSJfcMcPp23WawTvA%26client%3Dca-pub-4491659496372172%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Sep 2023 11:27:09 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8205 2 KB
1 KB 44ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Sep 2023 11:27:09 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 8205 308 B
636 B 30ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 27 Sep 2023 11:27:09 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 8205 293 B
621 B 25ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 27 Sep 2023 11:27:09 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 8205 43 B
347 B 28ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=yOzLEQJ6N5xdH3oldp0yrA2cxHWbtoBjZ_K8Sn2ziyncv79hLP7Cm2nQlmnIikAHdAjXur-hmAmxG_2nxG8qZrLJISdsJZxRAo-BLOhf0tW2j_G3bPlf3L7h_wueFRnPziWL3mM7RumrSUknbtRXnsRUglCAa8cuznd0lj_YGAgyk5Y-uH-sTBcFxmcOjEi0j5ACZN13lzlJyrFZ9nHizuBY8mJoam-kGqplpCK-lv5y2om6st-8oKUDO2W04nFSa6YXtp1DKHhMk_WYZLFgcx84LHQKHRtal2-eRZkreiLFwZseQA1WJoku4SuiNStF8_T9PkWLSgLUB8UXdk9aWkB11C8L5VRrT1a-hJP-sKFJExkZrzuAzONgLRbG7d7efU0REKgplpStRUyA5OnfbcubbEc2Gz02K5GernIqYX8dBzyX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3262270
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 8205 44 B
750 B 105ms
97ms Image
image/gif 2600:9000:2394:6800:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1664710028
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yzl1jAALaa4KGB2UAAv9UOJBOzUGXRKFUp5U0A&u=%7CEwSj7nQvqNRxxavMM12zGjX9ilcTnDglNURaLKMjxmg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIjSgfvZLBL8YjAjDYKP7n41DcP1gPNJLGrwwfD4wQfIxYe5AW6QngModQTWxCkXoz5pqlNFft6rqV9mmWxzVbUCKYYy6OjqqNkA3H0EObGas6UqeipthUgWKg-yHy2HCwguzZ3-XFCc1bTRZWii7VFaX7x65L3W7FwMmnXx5NM-q9aFJsiQWGPmfGa1fw901zDZAfQZqpJt5VsYAlsAB9sBDJn-qX98I-aqLy2TSHODSycvMYZ3t0fXnyZJQqYk1beSnaU4AAEMjwbWpfFy-xdogwwg1gXcZ-_ex30vGrsGc_sKiNFZXS9YSaGhcfBalofezw8o2z8pA3rwhG3DYeEm_iEP4QT_d9PYWRlNNpvbCnQ4hFJ4p5qgqSpm5QVy2KmbUZ8GWly5L1-Q56rCPuP3DzPcHIm7gcAsrwCv6UmYpU9L8sNyeURN0WUlY6Q2RC93K4ZmCxygaAFH6PicV74yMWfCxQ2caneREP4ZFUwwo3SjYLad5_JKw5tKz7E8-hcEQcLQuw0ujm-uew9V5XTlCX-mzdusMgJ5r_xoS1i78&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVCI8jHU5Y67TLZS7YND6r8gGyZ7SsVzV9uLWkwHAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAhaE2m-4cbA-4AIAqAMBqgT9AU_QBbtIBsVHiFfCzJbvdbM93KPRcnZMyXuSpjFbP6qAh1G9jRdkQharrFVLk0VK4_b-zfSDBSvqXUE94lqSd17UwPIgGfiCc6XFNsYUdkUo29YxN8Vtlc1o8D8XeIJ1_64LaOQs2Z2-PiHpZahoySTrd4rvL9N-QqixNEl1zlrIi7DuZs-zWDOhkcieNZYFCbbq1iEWOEOHUY2aFCFN4TmAjN9ovc8htgeWCHx8rj724tY-uFKEneCGJA-mQv0XRJcVEAqwkyi7A94-vwtYjCcCd6sg7aL7JgPFqQcskvrN54krX31-di3ovkDw75rK-9ZWouSCFBo5dMrI7ArgBAGABsfNz5jfnu2p-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3CruQxdxqHTOSJfcMcPp23WawTvA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:6800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
via: 1.1 4a3271596b4750a635e84d92a47448bc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: qI8ltcB1a230DgyZf4TF9hzqbMe2gVukvztaAI1iQgGzEeU7K_qMXQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E272 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4839b1ca27de77f1bba8a04991a26bf1635098b3138f5075ce7e49795cb0d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2CDF 170 KB
59 KB 178ms
106ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Origin: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13909
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 03 Oct 2022 07:35:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 2CDF 8 KB
3 KB 39ms
35ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_UAvSqWftVwsJUIFJ59t5fPGmkNuVTF-rt08n-kj8ueBFqlwLoXAKWS3090LQR9nBaQ5csK_udsd_0T1nIwBz-ErzDu1MMP_vT2ZFB3tvcEM_OgwUjeqM2U8F73azd2bZEiDAPMvrwXNsjvkJjumHbDbLDzpriOINIlkur76bLNPBPoY&dbm_d=AKAmf-CZx3JNmA3nRNg0xHw_Uifek38P9EIRJ4WO49sFQ7O73RIJH77Hx91Nb0TX5ERshIuPqJ1HQxjybFqYQ1MeFIU8o14g0ZK_0ZnNj7pX6gNBCEnraGJ1X4mCHI2-2sHVejPlcSCE-OSGftpGwxpjrJO8YDpiZexRYspe5tlCpfrs3Kc4T9pwUSc3BtvtID1ky97160aBMHI7od2rFczCJZ3W5Dapf_FlX5Fe3ZWnTHTdLZWzN4vtXF41xEEq-vSNkY-LNbsSwcdUXfoq1NuD3wFY7F-BFcPbLB6l2IXHjdEV4KvcmnCB_l4e9Yp-B-wsMwB0uXHTQyS8_IxnO8m7AmxfKVVdhwBIohWcm1F6czP10DwtEPGungcxEnqusCV_CHf0JF-IjxleXyfthG3BkLSZCd1wtnuKPbBNw8hAv7ERIAv4-MqFYIBUFZf6ugHnGFBjm0Q7EH-wV5kb6hFFkwZM3NfTFa9taGQAtW1X7LcBLm5RUkM7bcSmaHDRZuzIFk7320Eo6BG98JBkRMg-yJAM-4poREGFQ1xNEcqnb_Td-YBbNDWVoH_RUYfp_DZhFFxDabkQpoNcDxyHG2isUTgmNSwrKNxaKOkzoGtbcp_hm4q5kYC02ue2UiA2hV33QXxcyozX2NJVDBMVnwHr8ui-m90nhh_zutwVqGoD51szqsRzbiL0f598e4RZoroRvswA6rurzJcUnBgVgOVJyu8ZtXkOOKhldsvJypeIFRJagHJ2sWIcq9V7Wq2qP0SM70PoINX-xaITan_nfnIk4muOADSkA_GepNn7JF1cGwNqzKsHGJ_wrzXSXrtCE8fVYxS3FMyzyCp_MjLU8Gu8BelD0Ci1GbcyVxLA8pHL-eObaLhAZZ48mBbr0DTJnMcaMx21J9fQ5_nMQdJV0OAc_QIK216ebTPh9Pu9RYAKNVe67NAkzuPj_vB_VPGNGCaGSdKVXonBZ06ysVjgQmRrI-CpB_rskR5rC6ZZqAhb-3vsl4G8LisKe5Kr-6_CCshFMF3oiTrlaYfTicBRUcwZqJZE912DwzdF7T75yGZnrtrXR1bLl7_PDYBEn3Sj-N4GxZVARth5jrpJHZQw3hbYmur6tulBXsg9FL6VHPQ0lQVs4nWLky2FEMLw3iwbwEHgFj3-FJWJUCavwyCnpL5bHsXzA2M5nuez-PyvAnx_mj9_HEkgWb3LsT95wVxiTKeb2jVMWYxClFIbx7jJtsbG5F8D848l-6FWw9JBLNttCDLE3D0nAdVnLO3BX72i6YgFvr3nqkqHPJrW84OaNkPW6ZXJYKMEovCkFnJxqmTVzuoNRFTK67Eo79J-DsqQAmpOrRuR28gDXW69Ne-tq5D5cxaIuSPrB6OgFILNtJB7dAdR33I9Mad3mGi4HRqIPQa6vcVfiNvvDfz9lKJgWXj_fuEhivVbeSqWdflTtfQXmT0eOzXI4lQYjzjn_a_-1R-VLRu-lnLJ_3emo8fnDiMd0nLS_OqvyRjexvXKH8vvdZnHdGaxrvV2ntUh7dyHEp2WRLgrgBSE_ezDoMOp3PQPng78ymsQAtupMAIeeNYuXYxMsjsal2-XeZubT_WHC6iu31MdEe4z2nBzQBn4Zp_jmHtut48RkMCgV_WIjAk_KiDK9-Av1xi3A0Bo4lfABoIKO0Stmfusj5C9a9C7_Aa--vWDA9v4Scj85Zht1ZUv6s3XbIkCIgU8lVjGdZrYF-01uczQyu89NNpouUCojEZ7-2UhyGIWoZjMM-l_18iH7XsDjLmUBWsBeZxoty6oG8lJl3te1wkJDL6U-FbzC1lQhugEgId8NPMBdPiXOJwaBbYfdgfl_CFlOOkIFbc8_1EQg0xmD8_jDK5dt9YnQrUGYJY2NbcMrNtFsPTIlEMw3FklcoFYcSyTDJcVkhA0RnQo_UXHFeDwMv4cVIKs6ZkdsEdGr02oTXKPKLx4aNeJkb633zcEvFQa32QT5Hh9KDJtCnc36KgaMnH2wK-zLbntaB9-rDFvimTjrF_GI5_mz68PeK2U8iKOeDlGpYKcKTZRF89jPmItQMyDm89lAWM0BD1oEXSbBQLBb-c5TJNI84-rlBF0mbXwUI_vN7Y9FYHO83Lvz233ds5uK-s54q0m_tRx01kTn4BdLnr4VG2f8RndH3lGYSN43UbZzt-RdlG8SRZE1YRmYHFQJdM1PAhJN-XYYWgvxjEgKIKr4JLnLExMC6qEvMjSYHr1Ad97WLCb6Fq_Vcyq4w2ncSARFyzbyNODnGVDDVuHLWhVi4GvBFZ5gho7MploeczvyGQ3HJIljMOcnunOs97hPZKyytWTaCJnwqDKNApSwJiB2vDNiScuOhEaqpCcnKNQKEr3ru29Pu4mSC6XIIIcz9WmJ9b6L2wWvlQdfS8TH18usoxVv9aEQBZSJh1c6NuOGpH5z_SDYPicHHgIk_LamxmjuJJlQTc3FHA-WLnTXsXbFYz3UqdCqLPy8xa8ornRBWdumQgK7iXqtRqaE9AE9Yjut_B0zxcutIKSkYY7eiA5ujaA8H7nVDq-qUeRi4dIuvJp6zTAUqj0-F-0scF2Kk3noTEPDpn4qxIvkmMNcn9Ncf8pk1SwvVoqXciWIjSYHC5F7qmw3UJj86z6yKci9TeZdWEv8tpfF_PAt5TZaZeggvu_1YgMDJVDNaDQgJotgzRoqd9ttx40kOQy6FFvznWUMz2G8h6v6e7IEKlM_Vo15viJBrgyzbBrhD_rbl8rWGAiLoOJV5_3CNnOZ-zGILq4O1eQ89m8B5GUFHJ3QbAV8EKo-K6qUI20vU4wn1dJEqJ90wR42NbKdTqnkPFeV2DepTgc8M5bvvHN9mMFssgU7S6qo7XBoNyU_cInPWlvwF2Mc-IIC_Kv_3jDeQF8pMCFyF2N7mDfmIitMliqcl3xIcJ4xFa3i0_BldFNOuREexysctJlaqynSHBNgEdewwSV5LZH589qMVMB0hYPrM73iSjIl1tvEg3bV3PdBNCjHHFWMWmoWHWUZkfuf8s_2-Yeb-VyXTrbOi8Gx5ZnCJ6fIrlnUIT-X0-cFHnP_CHiNqJewEHWH5ygxWwYDPXTnHpUYdFVA2KKWPClyYTo_MjaTTgUq1bh-3MVVYfGfstnUlqnhdgrlmzgrjPJbPwV_UuvK7JCRXW3E9Rm8A&cid=CAASJeRoGsVDiShraDazuIpa_dt4j8LS-A9qZ-P5wuzViFo-pjQnhTA&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 11:18:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 2CDF 30 KB
11 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11727
x-xss-protection: 0
server: cafe
etag: 4188671789125589074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 11:22:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4B28 2 KB
539 B 203ms
144ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16599807781199218099/f73c45457c22640d145cf3a5c331a2b3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 10:37:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Oct 2022 11:27:09 GMT

GET
H3 200 10b30b8de8b281d377cc59137406710b.png
s0.2mdn.net/sadbundle/16599807781199218099/media/ Frame 4B28 3 KB
3 KB 27ms
26ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16599807781199218099/media/10b30b8de8b281d377cc59137406710b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16599807781199218099/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a30d443ed59e47f496ada991af6c5580199585ca5c2a34e8f42783de7be93a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16599807781199218099/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 12:33:58 GMT
x-content-type-options: nosniff
age: 427991
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3298
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 10:00:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 12:33:58 GMT

GET
H3 200 aa1048fed638cad042cb64533c5d3665.png
s0.2mdn.net/sadbundle/16599807781199218099/media/ Frame 4B28 5 KB
5 KB 47ms
28ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16599807781199218099/media/aa1048fed638cad042cb64533c5d3665.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16599807781199218099/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a29988280ba3b494d5fb3578d056ad3784d5748fe1b126fcbc53be3d33eca8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16599807781199218099/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 14:40:39 GMT
x-content-type-options: nosniff
age: 247590
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5305
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 10:00:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 14:40:39 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 8205 12 KB
6 KB 40ms
24ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Sep 2023 11:27:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8205 1 KB
2 KB 22ms
11ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3871e6719f71319cad9f0c2b4f262518c8deb142d03078bd7539e5d72da33de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=611332
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1306
expires: Sun, 09 Oct 2022 13:16:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8205 2 KB
2 KB 23ms
12ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

65e821b53990c7e875f3a0c2ed1d78d9aaf42a0ac22e5befe5903e4e87faf931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1738783
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1540
expires: Sat, 22 Oct 2022 14:26:52 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8205 19 KB
19 KB 33ms
24ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=i6as8yy9gl7D3k76I7WAAQdj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

83b19de212ca6202b9339b9c3ad8b16c1775d34cc7663631c12cffbdcdacb8e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30376459
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19171
expires: Tue, 19 Sep 2023 01:21:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8205 2 KB
3 KB 33ms
25ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FI%2FlogoIntertek-Holding-Deutschland-GmbH-66445DE.gif%3Feb%3D1&v=3&w=400&s=EyAptVuEQJvCPfprWwzBlnmu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

05808c39b0affa660efe7bd3d2fc943ce7843ffa1a0109977f411c3d66b8948c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2180677
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2334
expires: Thu, 27 Oct 2022 17:11:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8205 721 B
984 B 34ms
25ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2FlogoBearingPoint-RegTech-248098DE-2110201321.gif%3Feb%3D1&v=3&w=400&s=twg-pFVqVC2pSo-WdFBhlcxr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5738e8f6a79fd274c245ac310a2abcd1ed5563dec679ac6735a2713ffb122df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=1230287
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 721
expires: Sun, 16 Oct 2022 17:11:56 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8205 0
127 B 86ms
79ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=n7cN6vxZROO2KeeuC_rz_a2c6czvjYmt6YMBwfTG0gMRiw05Ao5z7J1bKn7ciLiQcUVhedVfn5AItbssnQOM7q0EVoGsXTNHAbiTXjSuVDthYHFlFLnZyay-FLfCOYcDecO1JEgJJyjYc6azl9Gw3e5XLHtjGmpGliJOOCXoNonsiclTzc99y8zktqwc7vQzf6yOEeaERS0-4teWmzzV36hIWBqB91dpDYGPmBmHCVUU1d6HV-p8KtoZDK-dYfhdC1VUZQ&sds=2&rev=82884&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8205 2 KB
1 KB 26ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Sep 2023 11:27:09 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 8205 2 KB
1 KB 23ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Sep 2023 11:27:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4B28 16 KB
16 KB 48ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 314204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 20:10:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4B28 15 KB
16 KB 45ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 05:59:47 GMT
x-content-type-options: nosniff
age: 192442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 05:59:47 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame DFDB 106 KB
37 KB 45ms
44ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Origin: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14210
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 03 Oct 2022 07:30:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame DFDB 8 KB
3 KB 24ms
24ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANnvYdjFzDCORqp2EV7xjc2zEnVbMmzkwK7vMwhTpfZ-DwPeYOHPooHiPHJc0RLcNKgL9WC2YRppu5WiL5U7egr1yZCQ&cry=1&dbm_d=AKAmf-CNPct4xOLKdPvFYqwvZfEBP-IGkDyKSG6ePH7kjOCCN79Twz0ZKshWUSjQ-idXBxPTy7D6u9W9xEmmoDDnVHadfhhZhupy3uD95mPKR_kxV3RGVBT2urPnTlWJkDKCvUnSUSDkY-mb0yBbSFC1JQ0wK-8g3xgUmNgB9os18laZlu4CYJqTI9nueYHxbnSndF0fA0l1yWTzCBle09xi-6q0Eel-kodAJ8DZcxeOBXkFzG2xgIsZXV2c-lgI-832rPnRS6FxJa3Cgc12Z_cUkj7ma1C349GcgWNmsfoSAZvBG0I1WfzabH2O6ErMlwIZkBNyJtZlEPbqFT0RWtFAaU7Ly8q7MTTgdUIxEMlf1uuYCs5OgLTpFqOwft_48t_OLAOHhHTv9cy8og7OXo-EOZGwIHQBR_Yb02R8m0ICx_BNJG6ipJzW_lkssBiUDCc4zFZwlpLBaO_fC7PnL-axo3GGuKzXwquZHd9sXX01nCGS6Zt-mZV9pZd17pDxAHrB1-rPz05rp5d976JLGkAOvPI1kWs0zXRDA3sVc_SDCr0d44wTXbzCXLaTvczpXi7E_enzAbHv5wc_Ab_L-YRD4EDIwrOsxU3SIIKBAQv23Av5EputGNEwWdOSZMCWp0yyRB3E9QvmC2Yib7ncw8AVKWgu-GgrEu2oh9BWQHit93HRFGXSEzL6Rbb8vdw27_v6ZaE9Vi3NDncPoiCjdsJeTDE-jW7QwbXSj8NiVoWNeKTzFTICupzxdq7m_jIsz0DVSTnT8J4KsQZVRF7IXNfezqBsfSTpsAEYOWWzt9IhlLvdf_Wb4FoZ6xFlKdQaPEx8kniW29-s9VywHeGoS7X8TWJJXfyIgYOvBS1dAbGkk0MFuVna3pWeZp3L_xbaiRvnom46GG3R89OnMlHyuZ5X4elIt4xcIefXSRvvt65Ux6mGGsqzzvjE7Z6D6WAXSvDZGOkq5RR7lZHqMiXKIx0nQsdv0G9EbeRBO9PdWbMopvtMdSuAgiOPIUM2uQhi29GrjzP52EFim09OrMU1jL322sSoCgvSADSaubD_-xKPSF_P3oozyooD0sAShEAeEeHvukf2N6bXLGOXwneEG_xZtLQ0tYgvrnZZpHgGaWMLCwLYb7U0LtSrpClF8e_sRsn4GUE2jvAw88-761Q9MYN_LPkG6bMJ2Jvv-oDcp-S8y8QpqAHWX3jY7_2kRh-w-wFYvLyssXIvEJk9S_YM0dD2iEEiNA2tzg9ouyErX6Wp50c7o5FsS1X-ZL64FmlcVlKYCVhOjwF3nBiqs06bku4MOWHKyP7JSkXsxlumqsfaZV5VTx1NNR5K9BveYjhzCbyeHWrbx2fg1daruD0VF10byTAZW7G84NhgReQksr-Vkn1lfUGpGvxyznNLlGHN_onpx4-CuxmTG1wAIVyGtZ9bWvq_TnFDzZZoQSPS0ylnzgBFOpTWcnAJvzysy1vHRdOtQM1Re7h2-lKrfA6XQwP0Ws7hVPanK2a10p40LyMsuZBEbQeFS5sy0U7TaRvElXFb9at0FfBEpAJYZT2Xl0lwq7c3Qa5QOMGFjWlt_0JWL385k1RMn5XaVWym7WiJnJxsyhB2p_gItATdmUbYPnCR7IQAw9ohgCda_Yz-j1J5-TzpwNt0ygFA5DU6iSbcZ8N-NEOO800pBM0761SohJaFJm5Qn7hhK6a79QD7jkbTRwTXdTGdZjD0O9nLGUppQewwfNsbr22U9huBxKNRdzJz78NDYsevRVlpKCOBCCMRoujuN7gZcte97_JhMYB0LaMGxpUIvHUXJwbp2Lq9kHVJKcL8TrVZvGOVhOuksBd7u4A9vO2BPLNTW4FvASHAIdcKraDqBnny9sevSVqKI5hWOJ-Q6iyAon8UIBJZzyLW1BF4BC-rB0f69jaX-5Zv5sZsE_ga7MMIBjRqLlEX9GTxwr4-pqOrCHgYgI4NaVxY2rmUhCsE-kUhIH-UruduzAe55k5caBr8ZQ2-rW7WPbEqU11rIjiYRCwSicnJowPTfLB9Vcn6UypCocJDn2U0xs7THcC8nCoJ_j69sWcKO1Vv3nfBAY4NXbDpGwFo1_M8CId-0OOsrnlsD-RzIZAyXxHGXbgWGm4Ae9dL-UZSRk_4L-31zIuBkLExv6hnUL5ET9CL4N5HmHWCvCr81fcUBRNMFTxX9YQa9JkrTclH04fHUXCsW1qxuaPbAJ9LMGJSJnanpiOyFGXQ8uxoLyoKq-6k9fmR6OgU6vJAGb2WbNqiU7UdfFHKbCpkE23ZyE5lar1qCulBcThPdVGFiYzqIHDY3qt5cQ2N--mOS5FuTKHWEhf8gJiRqdBYxXgbbwuOKduXxon8bFq2owNXhAOcF82318J0jzS0nF-6qsNFPVQoZ9An5_x4CjHR1s_F4lDGcV0hmlikW7A9V_nDb3xxqBTHdwDpdnCloLU2JPe3Rs1Kzp44lOEw23yWwqNjYg3E8G3Sichx4CoEDYfPMS-E-niomxQ4ASmyV4asQH5FNU9M7oPfZMozTOxB5cZaU8ZQos8IM2311D2YweeqbZNvh_OdVwHlepai4YkxyUAbSEPeZYKmr3-VDqPMXtJ4PaLqLs0H44CYcFjusQkoPLPPU1klnAc4J7UwzH1OnE8JNqofTWy_bSCSsxVsa3162yBSzj_fW8XU6tGNmM8Dp91Kpe2r8JM6V15r4q0mDiNxKvGfTdnE-XsbeHTIuJxYn1ASV242hc-7-j28QEg4O6sqxlc9IL0HfA77SgEQ2NAQCVPusffWL3pi061jvKqJWAzMxgcg6mNfE9zMLqCtOwF_olEjxMUjBznlcrQrsv7d2HzgYehOLiUC8JiImxxns4gdByZp0m4KworH6-7vjwkOgAfXI6ZL6VSwhg-V3y7jhme9517nT8jFNiSp4OuxVOnYXvDTV0-U0vsq7OhqzdXL3F8jODBZnjU4J8vjAYfkcN3ke45h5diPAA5M0LOoCWSd5uBY3MhnmtiCLRd0UJgO3ZwODYNI3icykappZ_KN9gLHj9w7VdmLEipVoQ83t0QKaOExgizNmUtwnGF7FY1irI_5Mk4BHv7wHN8FDEIRChYbvbLv31HcNeJ9rmDqegcBLyAYXBITLAZJUVGvAOYsxA94mPb1dVRXIFD6o1to58qZ1S2SSzsoS6CxnjeleXCKlh0SW2S-STaELXB0Z0KQ3rFIUMBdvSQ4zAWJBWq5xpnTm1FfPoWDeLWu1GPDAXcUmgLgZPFZvlCo3WpFBkVW5OJu6XpOsNbF&cid=CAASJeRoej041g-2IcYdZdPTkSQ8tPA-w5yb6kFcWUux2WgB3vUHsxY&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 11:18:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame DFDB 30 KB
11 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11727
x-xss-protection: 0
server: cafe
etag: 4188671789125589074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 11:22:36 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 8D40 170 KB
59 KB 79ms
78ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Origin: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13909
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 03 Oct 2022 07:35:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 8D40 8 KB
3 KB 33ms
33ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B2IBBR_6poSDz2k92heKQ5r4YFaXxhiRRH5i0njags_c4tanRe6NzZD3biebQH38xjxvHvpGPlm7ZZ1utW7g34tUjwAi5h9VidEovrky2WSVsfeyx5M1IxwEzq4C_GQwjrMo8qe6i5NDIRSB8Eojl5Gj9biDxSnyFofTqaAPgrbWx6M5s&dbm_d=AKAmf-B4ULEswE4RvExpqWhoiVAZzyXjWrZSEaeFlaTJwXI-PMv2ktCRyul5FXoVINVbKkf3YftuwWejn-buQVUSBEQ9t0ZI1G6wdfJ1NMoVz2kIiVFNRUtPkYkX-odQcxGoMPEkmyV3-x3bJf1NSIRS3y8JINTKANbYiIF1pdg2pyUwN15OjR_92eAIoRCx4c4EYGb7e3KwM9V1tgf9lycwvAddlfeloY5SJlycG_J3Eoldusz6H1UHZjFcZLsLsrSZT7TiydS6HT8ucDI7Rk2AbzBnqIEuM_QWRbhjn6xC7N_vOUWVbRBVwJ4bj7IwY5Ef4aY0ScGy36zgZLW2L75O19NQOgho-DjNxRJq7fyD_ynqSFJauAZQc-Y9h0aHTuj9GthNh8QuqCgruwa8xcr2SHGtYOmgOmBCzsMuET5km8qyaU7JxYM3KFFjcqxaYCA2aZD1ZG1YrQP2zmyGB4P1ul6CdIAaf44gQs3iANeeVUsNll0tlFnM3Pc2ZXHAK-DXprbxW6t25YYhGdwSChF_wCS1d-KKJk84fNbnXXugYcbvSlYGThhrGShEK9cbyTHzpl5lBywuywYu0-Kjv7rLAZyJAYr5H8Imi96pTWuFS48eA92LWZO48VhGWx4UXUt1rsbDL90BESAQnsPX8ftrIL4oQQJ-0lLROudzye5fBgvLw3X8i2p-SXTv1wfCzwajapjq5yI7H-Z-d77HdWc5MlszQ1878iaZUAd3g55Tb6-6cTh480JQgbT83gvQHnPWgnI-PTvA3DBGgJbRJIhfelh-WAM-kBRP1FD3uD0jHkMHQANDqD1yHzGt6gB1rlkRLIvA_RoSyQ3frN1WEoX1165bQz_Y_XQlykPP3DPDhf7Td-lYK2uBIrWNcLhiVX1H1-_qJ2p2PwhOH00PWc0jaXFfuHfPdbbJ7w0qJ2X8RyLfQxRYqsx0OD2RhIgSX_xerBBCfLh8BOaexmwbOKFzXgN_ungPod2Q-VbINUC9ZAjs18XgyWRGP25tEwZ-hbIHsyNIk6Pq5PT9_TQkcBxafUztNqiscEXbG1LgoZHAdmW-LCIzAAUaT7tt78o2gy8mY6ekmURihoh22fGZiGUb9sD8LqLLsJ0k8m7lETCcv4MK4hwp4ZAaJ8k5caKrAOZgbpKj0QoyebSES9CDFQMFQANWw9zR6n8vbSMNNCC3t7vUS-0PzcCJ9XRRYStrqPY9RpX7MJHMw5O4EblLpQ5H5I2rnnE1X30SdJ0mnHyO2ZxDHvNwnrzNV-TDO0os4P9JjRw3LOOJeXPGP41AT3efi5x7C0prRC5DQfDI64advYf2b9OpRLXMlVabHl3rvpO6pG-1ws_fFilxStLKwZ-meT9YlSeC6joi7vYKLjh56a1Ip056Qf4E-70GMwhxLXUN0GlclUkmcoQKETX4WNvzHMQdBp5NYyI7P3Ha7yjhq9VHb6E-Lmt7JTyN31YKBXA4PINRlbZrJxo6uZ_vcZZoMU7aqaMBFZbHT6erXq2RBZAemNdQ--YBceWxMdWcFUzXcDd-XfF8Jn0GIPF5sMpUV9zL_cD2bAkvDSF_eME2P5zt3XEjqYJCo-0ZroVA6TfUh7lLIsF_9g1S6cOtrllAVjx1Pst9GzqyIryiGU5c1xQBHuF8bxKaodpR5mFptdN7Z9tPmOJ5TEPYWSxP9I1oXnRbqlbmI3APfEoI-G7KMexkKKPv_Q2OTkvgepgbZjSY9InxhlMJpHNxcB8zHZr7bw-F2CklMEiZnzw3YGmHhI9gXO5yHHLUml3aXuGh3UjZqM11EHlwyTjTzKiMjZcAt54cyDqqap1YUG3kv9H2UMM1tcedRdY2QUQ6PK6oH-m9yPFzm3iAn4vGZif4ZstrnSk91Cc7MTAq97NrTJ9jIcF4cj2yggJKEBQZlbrbg8mUnETK5GxgpzvBQn07s5WTgQyakTI5mPs1tMqQUaDCkHK9n7h3urWJbRRBfZJbdAC4o9ZAi7gQwKaU5kq_Lb6RtCEF42BkorfMWybIvwaBRcvK1habZoTzLG_WA8cZtSlvxeOlDU1YAEqCMKpHlpQZT0KSYcF1aq3WRWJWNbHi8BdhfnoC6tfVyY5RomiZyEFg_vQHzrjoT8pA7Riq-ZmdIcgJRITcUCJJd2llFtzaqAPLnqPrby3lkQJmFeCKHwHWLHAhoY1B7QZvj3FxqDe4CnbeuARwTfb9jxGY5-RB1M-SY8WMEWpK2iQtGMGJ1krb75cRRhhnbD0zrK3KbkLjpyUfCYP3eL-95h39J0-3mLtsnOmrLy9HODSuDeshyFXR4WFe7vH8tHgR4pcgGhBgkN2H-4ekPP5NWnzxPQbjvs-BozeOELP6FCo98IJQzhy4JBRldXkibbPzZvR12CK1O9m0pBxwsa5em4NZkC5DWMJYVN0VmIyGDygUFCnKlJrBht0N9jv5N5bLeN0r8Ywh97Pxi32Np1W5OBvaSyRrSAPZPexP045sq7XMMQJask5JraB6WbtN6AhN9tzX3oc7F1ENTbRNP5LFT7X05YyGGgWdlrAaZ7H_vZQNMIlQchfeJgipIa9x7dzQG7Iy7LAyge0a_CQgAI-4P2B7QvN-BWnKFpL-48oeEEFSu2-OWKWu5zBa5M3imq_ZTx8MKUCFfiDMnOrPqpVe4FlnEzf3T8SW9rke0PnYL40UVbMK39lyq38cNrRjk1JcG1tJOvL6ceGE-VoXhvyOafF6GWJxgKbeo8I5rPf2imsiFIPYzEwnCmm4bSyI4bE2njbR7-MAakBt6qDd7unUA1HX7lP1ZOiU8306REvvKYJ6cmQQeMiu7VSCxL8FebRPxFa_-yR5t5v8Qk9diUPEVju4JzfxtxhPHOuqW9Fd6YBM0n44SWNP-T-gvdL4K6Trsv2fQp2c0K7TLdNqlj7cZenMLnTZLkAe1_M9aUSYWijzhf6zWC9aMa2xkNVutNcsQmbhm2ecgabqEGXyjiScxo2m97moGzjvvBLgmRWMqOYQ5b3rdHmHsgBogdaB9p7TwUWLXvVQkpPm9kATsqsIRu5ULqi3nl7U5GjNI3UecllLuZBu5dwX7KprQDxeMRjMRnWcoY9l_WT2MMiNTQZIvnvzeN7Mt_39-7VLJsypDw0suMTEEsW8460lOK8jTtjuJe0j55cQ_jzbzhafV_JrHrGh_yN-9q7dyR2_kwfqg5tTezqa9VgZPFRxmDA1GPnXe39R1ucZBYOXHneN_FeMg4baIubwat7c0mA6UcqNaJZjuo8RYJcgXLScoT_tk_DPmV0i_jZZG-DFnG0V-F4Qo-FocFsPFvDEs1isPe4yTJZhfYEuHk1cDGPT-H0wuLLLfhjgqmY_wiZ1US4Nl63-Cna7rGJmkLSTmi22drsig5ieV3uptPO6wkuSIIDZBWo3hFFGvfS3wEvpVORGpQ&cid=CAASJeRoLk7P-nBw5GpwE4SXCQriWIJaukigfu8b7oRyAPWxnxPXYrI&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 11:18:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 8D40 30 KB
11 KB 29ms
28ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11727
x-xss-protection: 0
server: cafe
etag: 4188671789125589074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 11:22:36 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2CDF 41 KB
15 KB 33ms
25ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 18:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:03:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E432 1 KB
749 B 36ms
25ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 07:30:32 GMT
etag: 48472445140208031
expires: Mon, 03 Oct 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2CDF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aff5774c0569b496b6b485653dbc5cd640c208a4f0cd4b14be550bf8a3003161

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CEBD 0
26 B 85ms
46ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst6Jnc3xquKVswGmFjmtAkp3nw8clE7_94tytIYTBgAvB0pePfNUNGXAsG--E2SqKhAgwDxtJVjAOqtFN7DuLcsu7UfcyLBNO7ijVGI-BAT2JvLh8p8qhwY2brSX6Vq4eeS5C4MTBjfSDwqqqq_2lNyDftnIpRY_3F10SijiGteimSBUk1lMWVdlFsyXy_1l2f2Cb3XVlUdRO_4PCSg6eRt5RgQeUlr6cisZNWYxsgR8Z1T_oyRUuDWVa1xt92qpYM4CnXWs5Z7WwyITN8LA_BunuQZbMcvn0ET6MwE6rKZqYkfAVqm_tS0uLmSHAS3OCxpbZ1k63BQf7OHYYMI2ZzX0sCjJ3cMo2qWY_CylJ-25qKBqx1cz6t65tFHHiRKOIAPnezWz_c-gc0yg5Cfs5GPkVbQ-HIPuW4TyFr7ICELRmqCdpx3nDMv30-ysQCMib1QD4RCsixoyp0o8NiS5q5Ruunn8K1PS9zy2fLoZjvpYDIJlZd8r8j5rJZzdj2RtwXNmOd_cHKu2eAy4T7yQ2TDmmEFelDHm5wpgHYU82m7_TQp5OCni42WJV2LS2yQ0YV5zVIuMvGranuyKMajSA65KE864VLePgu8Lx9Y9TgBtoYh7SvpFpZqYNRAETulyaDowCLcrLhX6diDlICq-HaxLmoI_TpzkiF_S5rvJGWpYhDOngSdYXV6FxaUHJVzW__k2XSSdNxELW98Tptk4eq-yqCiyfkFUfR2n-Xi8ZD7hPh1Uhyg99JAuRRshMWxOW5r2QeNei6rrtMyYN7yEaefinuZ3hTpStt87Sw5k1sIFQO6gGPCLuSxrLKNmz2N-B2K66_vLWk00A0dJ-TAd3qSTyXVLOFt6_HdL0__vK_hymXyCHPLwHChOy_e8mqTXoXRw1podsFVxro9CA1SsU41k18igWvA2RZUPAPhBRJMOhNeYZaWvcnD_mlwu5nNQqt6lvZQM36BHC-VkLHe5lfy-ceIBFgLeFPL66tzZ87okqfmYBCkjKnyZMPZ532Pn8vj2bK1EX93hJ8MiDaDTiuYJ39g_CUC0A3Elqo50YcayHuTR-n-NIwmCn0CPccRHHJkVpn8SBkXtWltog0FGtYg063FCtlnx04SDzoJy93S3cP4wlXvJeNIwpgFk0CFecSgZX4WbUHIa4zlTQ6cJTvWfmO6K7oxGz-sCqaaZ-J1HB3Y_ovQ6nPqwpo7iwMD_ZRBS_bOxC9JajZsOseSjCES6JRue0Sk1RGx&sai=AMfl-YQB8eCFZviYdDkyG6t6m4gjhF_fbOitvH7zt2TBGNrHghCgsl0JZ56a98VtSzrIz6pvgZWrB5gv1wgv6EP7tkObYsFew2aIIPoUAFMUu3Bzl6Y6H0KRblSivt9DdW3iqINtMukmF4LgHkNx88S8GWT3Ji6amH-qzf-HNld8F4P2Lg-FxqJ38WEw-_h0mrPncQECh3BtFT0yK9uX5f22TR21rNq9kkKR6Utr4VEujz9CPbrPxw&sig=Cg0ArKJSzK7gYDb06RJkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=842&vt=11&dtpt=684&dett=3&cstd=155&cisv=r20220928.46186&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17874063029151575824/ Frame F55A 4 KB
1 KB 29ms
28ms Document
text/html 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17874063029151575824/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

755266943869f32d9e9bd523a203be6a0597bf48af39b349a12dc811cc1c73c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 410473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1307
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 17:25:56 GMT
expires: Wed, 27 Sep 2023 17:25:56 GMT
last-modified: Fri, 29 Jul 2022 08:26:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DFDB 0
27 B 80ms
52ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssq8_1GBMykJ7AyuWm_NCy5nQBvfjlrbJmi7qd7RBsgUfb_BynOMTGKdF8FRgRo2T5kLKRxpPurJnudPhcyFDSYe6_3cvCiiSh2PnFDj626l0ag4vXBs0dGGVUQgOFes2DafRTASHUKHrNOr1jjdz1GJThPaWqWVvzbQTTwT0VhsPP6xU5LYQ-RqCxzxxc1AzCXR2tWf1UQUp6OrV7GLJ9KlKvPJDW7W8OQXg3y0EUcWoCeAWdhqP83iaUHOUet5l8vkPoQPCT48rRcdOTCgJhMsdCJhcHlfAounJyvNRgreE_upQP0zJCuUkbMPz10LyHItM5NAciKNKTaC9EMAoCE84Rly8PQzGmOG50OsjzBMIh6HahiYRG5PIZccuP3ZkzYDmLSo_gKKmSiPyCkPSaeu6zxNyfTHZcVHwbLNgHtbUQuFlk6dexWxeAvfGF3vfrwJjMdetGAz8VRvUWhxz6N1esavYBNCy_QF1Mwxzlh0lM0CcbcvuocoNzS0nPorxEr0e227R05mVhPcEXGgKRVoA33xciwFjQ1qK-FvVaXlDkkEhA-mNILa1Q_KNtB5Zpwtg_bieeXv7KHZAk4x3U9TmCCQ4fe1Du8CEJLCqCIzjJfkhYWdOJ7krVEV5QRlEacxURIdShis9N3Gah0U3SUf5ErFAKtQS9S3ThuB0P_4Y6x0u3vauieww9TgQdFFi32g_gST-CE5C0_qIjU89DwKjI0SMNzVoxo14tOi8xvewBFpITj6ysgdWrEvvVzAXZE7RO3fJxOD6AMUVqqQceNIaMo6u7MVAcRhV4m1XYNI3BUy7TqPllLm3jSB6ILXxXCQPYx8yXX2voQmYUGbK44foruKy0uUTOc0kpP-ttqcOCAAklzoYiXJ0FqZ_zJf81-DNK7k_7odNOQHMgGgpcianMC4dz7jpxEIK8VOWKQKaeF0Dz0zdTn0orpbMowNI4iYxrvaFQvDe3WV1Is0uHs8G6Bk4RZFA1vWBMJUvl82hFwd5ekYBpAw7p44ZSCJorDQY71eCTCcVJz1jmlCXhOJFrNxvS9tChYAr0B-Lpt9v-IScmdyuOv-7vNsCs8-6sNwDkKj-p8rk2OErVKBwh_eYrArPm1Hkjn_Lx5gWGAqmM0NImFr0uew2lNIbabeIH_tmBQZ21JNaj3d8SH217KxZEnhIiErG0aoAWDdiI1Aa5NOl4a9R22mAtTZVqJm2Y_qaD0LDJT_g&sai=AMfl-YRDf9eTcnpvnplb8NE_p-lubfhjcGY4onlEiess_ABwkH1G1V6jsUhhglBDI-yCBKLPBg1mhmpzKyvRgC6Khws8WxJEYo1Kx2TDnHjicFdUfUTLgH6-nHPgjRAdEZOaIN36bGHb73NwrhRU98jkG2v38XQ1hl2khQBkKOSgXFC4EsTKxNQLCn0okU_ZEhy-oNgUt2_JlhE7xLk7NMUCAYQ68RI&sig=Cg0ArKJSzF-vWYFJTtd0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=186&cbvp=1&cstd=183&cisv=r20220928.21023&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Oct 2022 11:27:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK tag.tr
red.vtracy.de/ Frame DFDB 17 KB
17 KB 50ms
16ms Image
text/javascript 3.127.184.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://red.vtracy.de/tag.tr?tr_adid=k27917239_s3021957_p342314801_c175489937&tr_mid=0&tr_sync=true&tr_uid1=DC&t=226563919&gdpr_consent=&gdpr=
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.184.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-184-237.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 11:27:09 GMT
Server: Apache
Connection: keep-alive
Content-Length: 17000
Content-Type: text/javascript;charset=UTF-8

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/ Frame 6177 100 KB
28 KB 77ms
76ms Document
text/html 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aefbd6f0f1f2383810d9ae9a840ca2628725df0221b5f536e0a3ed97daf6383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:09 GMT
expires: Mon, 02 Oct 2023 11:27:09 GMT
last-modified: Tue, 15 Feb 2022 17:43:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2CDF 0
27 B 58ms
57ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuP2mG7q5YmcgDDek2BR-D2YjuL_gFTwXdpUcFX9de7pOPsF76-Bud46ciVaGNq6DCTvSLt8PDbF_Ii6XSu58sekB-_zkPmyPARNybu51hEz6KgrA2e57mICUkimL5NwnEQUrtnROF9V0DpltRxVFy0Rjth48Nw2gtS_Te9g6J-YAjBIKakDJLv0iae8lIw1dC5ePc_yQpm67Xz8S5by9k-CKZZ5WX7VjI3bJW-b9XpNuU4JfKQpB4qJXlNX8BKrXlwgX7mC5bbmk7VUIkFSxtCuwarfOXkOSrkQN-oZNGjaEcPkj26ibKH7VUTcc0io3bUkyBpbhgvX6P2CSkmVV_8ZvyjmnldXLKajdTdnpNlaGwlkAADJ2UdRhC0OgZ0kcW_-HQXbmrNRkz8Ma2LjJ7dkrvKNfk1k7-e6Ru5QgsrO-KgMsQYRPEqQByptYI1vhIW80Ve4iELlBvFhd7Ussyrm2HIOkNC1vyR8s9iM9prOCgfQ3uPOj1-qKPie-MXpH35uVfVywbA1X0lTIQdcNRuDeYZoVZMeTrWvg1ti9OtzThhjiyaf7hoJnTcLF7OPUvs8od992OEuEYgODDXm_IxlsZw4g16CciKDVlL77mZUomCTMMExbmnLJOaFt4_LA_H59grheuGbmQpnToFK5-MO1MFgXcHCR-B50dL0XnIbjFacqMv9BCBWZNHztyr3BcguuKghmdpeyC4cyTwX3wx5DvB8tFiiT04ai19B5h3r_nWO0V-2ewQXycOmq_nyGeq9Wg4xU25L4eq0m6wBTeoosisNIof4MUdqtM7CKOjHkRcf8UvcB_hr62xogfS76rmuXXyKeKqOzGTH72P4J-Gs8xJ5EfI6d6Oo9g1YryIbb-8QETiEJDS0F6Th7WuhKRbHZ34HpltfskizlrnSAKqQeb9gNv30PYuq6tDjw14qVgceqLjdS8Mab6fhLBHbAGVoXgTJ1OCC6naLfwwe1VZ9P-3xVZObO-o8dJXkuIQWsb6yE4rHtpqkmB_HavErEQXAIPOrZLUt8DIYga7C3wvmTlBDMax5nnMXUeVXADa7pfvzSFStjL5Es609oub_vLn4OfvrGuYNN6om1VV_3StAL8XH-aUVNaVnFg-Lb-uREmUj6Ye-Yohi9csSFmJJoYVgmLmJJXy_uy4SCB1nJu6b2NnM1eGI6yMHa_NImdHFDxuSoMZRfPluE8WqqNrASdgCncW33uaIbv3EAAZjGy5QZC-sq-gAd84i2Ep72wlHZsHGGtAGw&sai=AMfl-YQ5OVr7NaCvnL7eWP4ZHbl2WuUmZZefJJFYfLp6SfVzWOoGeOUpa285FZAJnnvjJi80590JeR5Hfd5QVx2p2gNfHr6mhtuklyf3GgTo04wC2-N1VBbqdAkwZo4kpMAj2hUCcyuzL5pNco3VDk1OBOCvV54wu_fRUVo7chNK7k6oVOcRWPC4gzziXUKOZIQDHOzCwC8xwZHCgFBOFsSPfBjToLvGuZlKNtvOuwRBx60Vy51T8zjR&sig=Cg0ArKJSzMBssTx7TlozEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=346&cbvp=1&cstd=338&cisv=r20220928.13203&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Oct 2022 11:27:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2C87 22 KB
8 KB 27ms
26ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 273741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 07:24:48 GMT
expires: Fri, 29 Sep 2023 07:24:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E432
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDShI9sP_-TvDEfjsbdcQHM&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDShI9sP_-TvDEfjsbdcQHM&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Vk5FVEhqdVgxT0VYN0w1&google_gid=CAESEDShI9sP_-TvDEfjsbdcQHM&google_cver=1&google_push=AZmPxg9sYllxUzFZyQn0JGP5CwTADZC8TgjwD3zP_rHY3qc...

170 B
188 B

20ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Vk5FVEhqdVgxT0VYN0w1&google_gid=CAESEDShI9sP_-TvDEfjsbdcQHM&google_cver=1&google_push=AZmPxg9sYllxUzFZyQn0JGP5CwTADZC8TgjwD3zP_rHY3qcRgXAN5Vmr6el6HhffKAN1VJO1f9aorSE3Nmgzz-AvE4_LF1pRuFA

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:09 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0db4e5e2a65977bf5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Vk5FVEhqdVgxT0VYN0w1&google_gid=CAESEDShI9sP_-TvDEfjsbdcQHM&google_cver=1&google_push=AZmPxg9sYllxUzFZyQn0JGP5CwTADZC8TgjwD3zP_rHY3qcRgXAN5Vmr6el6HhffKAN1VJO1f9aorSE3Nmgzz-AvE4_LF1pRuFA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame E432 43 B
606 B 219ms
202ms Image
image/gif 2606:4700:4400::6812:230b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEDhvWJzdp8lrVf_4aL5Dczk&google_cver=1&google_push=AZmPxg9Wk6Scg7tOvRkFCiM6GUzHE_iOa3KOzDJq0najGlQpsBmcb_3O4xUk5tNLSzdiB9Ha-fJOVT5MS8Bm2AqecespJkEMyGoU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg9Wk6Scg7tOvRkFCiM6GUzHE_iOa3KOzDJq0najGlQpsBmcb_3O4xUk5tNLSzdiB9Ha-fJOVT5MS8Bm2AqecespJkEMyGoU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 753d1656efe292a5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E432
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEE_hBEo42sTLjBoLPRRhPbk&google_cver=1&google_push=AZmPxg_5zG3fCcNTujofYnxGQIKhwX2yTlZaxIkaTDisaEhqWsmSH_Ht6zOYoh-rZncZGyhSq5AJW85Y7kmpFy_dG3AP14wm39Yy
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BB5F013D0844418D8818FA1B516D05E0&google_push=AZmPxg_5zG3fCcNTujofYnxGQIKhwX2yTlZaxIkaTDisaEhqWsmSH_Ht6zOYoh-rZncZGyhSq5AJW85Y7kmpFy_...

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BB5F013D0844418D8818FA1B516D05E0&google_push=AZmPxg_5zG3fCcNTujofYnxGQIKhwX2yTlZaxIkaTDisaEhqWsmSH_Ht6zOYoh-rZncZGyhSq5AJW85Y7kmpFy_dG3AP14wm39Yy

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BB5F013D0844418D8818FA1B516D05E0&google_push=AZmPxg_5zG3fCcNTujofYnxGQIKhwX2yTlZaxIkaTDisaEhqWsmSH_Ht6zOYoh-rZncZGyhSq5AJW85Y7kmpFy_dG3AP14wm39Yy
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 01 Oct 2022 11:27:09 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E432
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEO7xAhQrOy5n6DZ2q_NlyjI&google_cver=1&google_push=AZmPxg-YFpjWHFmMjGfemHHT78AJtNLmRTzW4D6Ez5v3oeF7HF4LT11sC82o-8TblVsC1-TBM1TQPJ4C1xR6yC1wYkxCueU...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-YFpjWHFmMjGfemHHT78AJtNLmRTzW4D6Ez5v3oeF7HF4LT11sC82o-8TblVsC1-TBM1TQPJ4C1xR6yC1wYkxCueUJquHE&google_hm=NDcwODQ5NjY2MDEzNTg4MD...

170 B
188 B

20ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-YFpjWHFmMjGfemHHT78AJtNLmRTzW4D6Ez5v3oeF7HF4LT11sC82o-8TblVsC1-TBM1TQPJ4C1xR6yC1wYkxCueUJquHE&google_hm=NDcwODQ5NjY2MDEzNTg4MDU4Ng%3D%3D

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-YFpjWHFmMjGfemHHT78AJtNLmRTzW4D6Ez5v3oeF7HF4LT11sC82o-8TblVsC1-TBM1TQPJ4C1xR6yC1wYkxCueUJquHE&google_hm=NDcwODQ5NjY2MDEzNTg4MDU4Ng%3D%3D
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E432
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJueY9Zc5V6WY948IpJNbe0&google_cver=1&google_push=AZmPxg8ufpYr_VHXoxhX9Mt6ci4CsOoyODgKji68Cs1F7OWKBKDr6oxX5Nrs_Ktr0Vl09Xr98RE...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhSOURBSUQtMU4tR0RIUA==&google_push=AZmPxg8ufpYr_VHXoxhX9Mt6ci4CsOoyODgKji68Cs1F7OWKBKDr6oxX5Nrs_Ktr0Vl09Xr98RETD9I0z2Fw19CmqBz3nI826HNL

170 B
188 B

20ms
20ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhSOURBSUQtMU4tR0RIUA==&google_push=AZmPxg8ufpYr_VHXoxhX9Mt6ci4CsOoyODgKji68Cs1F7OWKBKDr6oxX5Nrs_Ktr0Vl09Xr98RETD9I0z2Fw19CmqBz3nI826HNL

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhSOURBSUQtMU4tR0RIUA==&google_push=AZmPxg8ufpYr_VHXoxhX9Mt6ci4CsOoyODgKji68Cs1F7OWKBKDr6oxX5Nrs_Ktr0Vl09Xr98RETD9I0z2Fw19CmqBz3nI826HNL
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E432
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOaeeXOZ0ztXaq36mI4ZIu4&google_cver=1&google_push=AZmPxg9eb_95eJPw6ubcNbZBUtBXLaSUTwqYUFH5eJZF7st5hpDVEzRiR43OU0pBGRI7b9tfIm4SSk-cDpEI3vWqn7D5C1wrzOg4
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg9eb_95eJPw6ubcNbZBUtBXLaSUTwqYUFH5eJZF7st5hpDVEzRiR43OU0pBGRI7b9tfIm4SSk-cDpEI3vWqn7D5C1wrzOg...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxMDc2NzE4OTExNzE2Mzk2OTE4MQ%3D%3D&google_push=AZmPxg9eb_95eJPw6ubcNbZBUtBXLaSUTwqYUFH5eJZF7st5hpDVEzRi...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxMDc2NzE4OTExNzE2Mzk2OTE4MQ%3D%3D&google_push=AZmPxg9eb_95eJPw6ubcNbZBUtBXLaSUTwqYUFH5eJZF7st5hpDVEzRiR43OU0pBGRI7b9tfIm4SSk-cDpEI3vWqn7D5C1wrzOg4

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxMDc2NzE4OTExNzE2Mzk2OTE4MQ%3D%3D&google_push=AZmPxg9eb_95eJPw6ubcNbZBUtBXLaSUTwqYUFH5eJZF7st5hpDVEzRiR43OU0pBGRI7b9tfIm4SSk-cDpEI3vWqn7D5C1wrzOg4
date: Sun, 02 Oct 2022 11:27:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E432
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOfOX_t_5DNjcZq7fX2xwZE&google_cver=1&google_push=AZmPxg-0AcpVrpqkm0EoVQYnNS5dz2GR3q-JcDRBACWMKdiyjQVHos7p3oeVhpVKu9JJekOUSE...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VT3FkbjdCRTJ1Ry4uWnEydk5nMU13VUtpbjRfRnhrY35B&google_push=AZmPxg-0AcpVrpqkm0EoVQYnNS5dz2GR3q-JcDRBACWMKdiyjQVHos7p3...

170 B
188 B

20ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VT3FkbjdCRTJ1Ry4uWnEydk5nMU13VUtpbjRfRnhrY35B&google_push=AZmPxg-0AcpVrpqkm0EoVQYnNS5dz2GR3q-JcDRBACWMKdiyjQVHos7p3oeVhpVKu9JJekOUSE4kUeadflQfc--5_0bft-nh7NWzMg

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VT3FkbjdCRTJ1Ry4uWnEydk5nMU13VUtpbjRfRnhrY35B&google_push=AZmPxg-0AcpVrpqkm0EoVQYnNS5dz2GR3q-JcDRBACWMKdiyjQVHos7p3oeVhpVKu9JJekOUSE4kUeadflQfc--5_0bft-nh7NWzMg
date: Sun, 02 Oct 2022 11:27:09 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E432 0
12 B 18ms
17ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L-TI64yzW3KBGl19w0kBUzaKbbxiNF_AtykaccCiZzuy93EYhXYNklJCCXgEuxl2HO5UtkzQ

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12809638294083468348/ Frame 16B3 15 KB
2 KB 62ms
58ms Document
text/html 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12809638294083468348/index.html?e=69&leftOffset=0&topOffset=0&c=6n9Ph8lTo9&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ae70b7413b2252f3215889731e38f7192c1d3f061d04e8e496725b76f7723f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2279
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:09 GMT
expires: Mon, 02 Oct 2023 11:27:09 GMT
last-modified: Wed, 14 Sep 2022 10:34:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8D40 0
27 B 55ms
54ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudElQkaGMcwl3rqPWvp2Lb9FmlzSiytmbwEG-Putgs3m7nzO3-AvGmohy0BZZ7FA5BKG08Frg7DHVlyMEZ3ZSv24YPomA6rCRN2hA4e4Fug0bNjalnomAQ0QMNpuNqq58zWBoGKHunoU5XqCL7nTq2pzn_JIulTFG1P_B0sNQk4yVvNk4lCNjSgjMhtK4kC3mV-rp9owernGrUpIL9EsxEijPZLx6VTOe1bUf6L7gKcvDzthTIY67506qz9YTUPE1uJzTgNAxlh0MV61C5Mtr7LX0CAhdNOtFDBDzQOaGK82tmQytxbeVGwJcAm5hTvUC5fF1CqJtq_jVGDcZqIPXj7Xx_dT1apuoBKV6z9dZMAxHvBKxGP922INf1HvSxBCWk9Sd7BpUzrindU7N8zOPkCeaaW_VfX-rjhKFnV6Ghcx15NyIKjRj6e-_G4pDgjOks2Xz9KbJNLuLl8xmIsKS5Ekdi_Qr8jIlS9bcduoTMO0EnbK6tK5uNbsVAGqhps07wfyeXsy26n5iQWKkJmTQcF2GysIr9Lv_hJkguqFD7X-f3R_ZaGL1EJqpt6Z99YGJQUg8JWaSCiv-4fp7Xstb1jxuWPNrrbbPpsVyx92yqnP3bSyBEiBr4SJEU5iZamqr2mLgJ9UKrmiv_zKoNfrDaul3FDKfwJ80XM-h_cu3BQQ9XHD7T1brPkIG2DcFgZPRor8O8vajk5SX8ghaGrcKlapWyS8o4OI_Dj9e9tCZQKNC18VhpuS_mQzO5HoFK28RxuKbfJKYxFOyTXU50vF4RDcQobH0YrTPolTmYkc0o2qflJmbtWW5_JNeLaurOp79CoF3ooe9jnClkDTzciguLJI9xqgWblabdALTmER5heFvddCB7XUpXSNh-3ZQPASpJW1VaUynZhQt5KdK_WTCtEW593TovZ3vgKKPyWHuUIv3qEdRvoSXp_eFyRWbqtEG4i3Oe51UXwiXK90P64zgSEt7DtcKVhHrcGyY27etPHONavhjuK833lNoHerXTRpEs7tVoa_mSs0Ow7qeGt9nLNFk3hRJGIL6sXsFdPASnRQ9skZ7Mz86-Ur03HQLgBc3RH6z65jTqqFoCh0O7-Bp0ZfEiL5UNdXT5qrYu9-xc14LGHsyoTF4aeBwo-lrOvyAeXufvh0p3zP4lzw5H3W5YwLdLiN_blLwc_1simZxRwf9WAJ_HyoLbWBri7Z9G7tAojbOax2wYv4DSBRHc6US_Rg1gKn5Blg&sai=AMfl-YQAeIXEMYxsXJ4HrzXG2VfyPdcRwT5n9cjS1r8wU41DY_bTFVxY5vMTfw_XzzAg7wurcS2lGDjcIYOpNyZ6_DtVcv4h03nffkBHNouSCrY3_yivrioJUmRed920CpQPLYfb36lQ4lChPSrWHE80Y8vU0W2JyRFCOBjwi3zwVt8r430XN6PnHO2Jg46aKn4Nvrfe7jKTNiDoaoMhk3dg20x2I2c&sig=Cg0ArKJSzN3GRNJsJSseEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=230&cbvp=1&cstd=220&cisv=r20220928.56663&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Oct 2022 11:27:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 style.css
s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/ Frame F55A 1 KB
454 B 32ms
30ms Stylesheet
text/css 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17874063029151575824/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2948551f4ade99dd8bb5a8707af9251af71b1e8f09dcbc17eb0af2106e2a93a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17874063029151575824/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 05:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366296
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 425
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 08:26:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 05:42:13 GMT

GET
H3 200 tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F55A 105 KB
35 KB 61ms
59ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17874063029151575824/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17874063029151575824/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35824
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Oct 2022 11:27:09 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/17874063029151575824/javascripts/ Frame F55A 2 KB
684 B 32ms
31ms Script
application/x-javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17874063029151575824/javascripts/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17874063029151575824/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

531151a5607d7ff6b7df0295d9ab13bd70345ce41cccc28c932ce66007707f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17874063029151575824/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 08:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269968
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 655
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 08:26:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 08:27:41 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DFDB 41 KB
15 KB 26ms
25ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 18:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:03:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 35A4 1 KB
749 B 30ms
28ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 07:30:32 GMT
etag: 48472445140208031
expires: Mon, 03 Oct 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DFDB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57a381bf87ed3432612412861d3fb287b752e552985589e82c21f13f0ffeb17b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8D40 41 KB
15 KB 26ms
24ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 18:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:03:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 36DA 1 KB
749 B 30ms
22ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 07:30:32 GMT
etag: 48472445140208031
expires: Mon, 03 Oct 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8D40 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc1442bf193a5c1368f0bd452158610779589bead69a3695b96965d40ec18cfb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Matter-Medium.woff2
s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/ Frame 6177 13 KB
13 KB 27ms
26ms Font
font/woff2 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/Matter-Medium.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f8bbc190d9cb158f38b0aae3c9491e89be9f4dd4028dc1c3bed86a7540eefac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 02:47:17 GMT
x-content-type-options: nosniff
age: 203993
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 17:43:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Sep 2023 02:47:17 GMT

GET
H3 200 Matter-Regular.woff2
s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/ Frame 6177 13 KB
13 KB 34ms
33ms Font
font/woff2 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/Matter-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

377bc25a040deafc0f0f6d97cc02a6b49db215b824e8ee637ff25f0fa5506033

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:35:15 GMT
x-content-type-options: nosniff
age: 255115
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13340
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 17:43:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 12:35:15 GMT

GET
H3 200 MatterSQ-Medium.woff2
s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/ Frame 6177 25 KB
25 KB 37ms
35ms Font
font/woff2 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/MatterSQ-Medium.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56b47c8cb579a37490b9e884cd34ff023ef4d512c3cf8d990375673e16dc1377

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:07:52 GMT
x-content-type-options: nosniff
age: 217158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25172
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 17:43:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 23:07:52 GMT

GET
H3 200 MatterSQ-Regular.woff2
s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/ Frame 6177 25 KB
25 KB 51ms
50ms Font
font/woff2 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/MatterSQ-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97557bcb023f04ded9636b30d489a0aa8e6275da3a68eec98b057920540dc0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 15:07:03 GMT
x-content-type-options: nosniff
age: 246007
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25144
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 17:43:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 15:07:03 GMT

GET
H3 200 MatterSQ-Bold.woff2
s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/ Frame 6177 32 KB
32 KB 44ms
43ms Font
font/woff2 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/MatterSQ-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

615e2800a9dea94b21e1b1242482215947235750a21c790f04456cce3733b01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 11:17:50 GMT
x-content-type-options: nosniff
age: 259760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32264
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 17:43:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 11:17:50 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 6177 118 KB
40 KB 26ms
26ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 03 Oct 2022 10:25:39 GMT

GET
H3 200 gsap_3.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6177 54 KB
22 KB 104ms
103ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22005
x-xss-protection: 0
last-modified: Mon, 11 Nov 2019 18:08:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Oct 2022 11:27:10 GMT

GET
H3 200 1661867165592.css
s0.2mdn.net/sadbundle/12809638294083468348/ Frame 16B3 10 KB
2 KB 28ms
27ms Stylesheet
text/css 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12809638294083468348/1661867165592.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12809638294083468348/index.html?e=69&leftOffset=0&topOffset=0&c=6n9Ph8lTo9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0c6eb6c36c30e5c53ee42f1b98270759035c32f99889f11ea7808d80d3fb56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12809638294083468348/index.html?e=69&leftOffset=0&topOffset=0&c=6n9Ph8lTo9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339319
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2353
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 10:34:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 13:11:51 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 16B3 118 KB
40 KB 44ms
43ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12809638294083468348/index.html?e=69&leftOffset=0&topOffset=0&c=6n9Ph8lTo9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12809638294083468348/index.html?e=69&leftOffset=0&topOffset=0&c=6n9Ph8lTo9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 10:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 03 Oct 2022 10:25:39 GMT

GET
H3 200 1661867165592.js Show response
s0.2mdn.net/sadbundle/12809638294083468348/ Frame 16B3 34 KB
11 KB 48ms
47ms Script
application/x-javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12809638294083468348/1661867165592.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12809638294083468348/index.html?e=69&leftOffset=0&topOffset=0&c=6n9Ph8lTo9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4989bc93c351231cf57c606028d58c3c35ec23a469cfe4475195db035df17fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12809638294083468348/index.html?e=69&leftOffset=0&topOffset=0&c=6n9Ph8lTo9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339319
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11482
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 10:34:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 13:11:51 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/17874063029151575824/images/ Frame F55A 19 KB
19 KB 28ms
27ms Image
image/jpeg 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17874063029151575824/images/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97b4e892a7e054ad10733356dd736ca3e87fa28c7a8b92abc4da76206544c232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 17:25:56 GMT
x-content-type-options: nosniff
age: 410474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19429
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 08:26:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 17:25:56 GMT

GET
H3 200 dot1.png
s0.2mdn.net/sadbundle/17874063029151575824/images/ Frame F55A 1023 B
1 KB 37ms
33ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17874063029151575824/images/dot1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa7a6959e34f45272799a5a329d90622dec4c20600c2fac9d15b98574dbf366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 17:25:56 GMT
x-content-type-options: nosniff
age: 410474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1023
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 08:26:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 17:25:56 GMT

GET
H3 200 hl1.png
s0.2mdn.net/sadbundle/17874063029151575824/images/ Frame F55A 3 KB
3 KB 36ms
32ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17874063029151575824/images/hl1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

775c0a3d3f8763bd6912c9f871f7846a55885bf0e89bb721c18f34d6a80b80f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 17:25:56 GMT
x-content-type-options: nosniff
age: 410474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2657
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 08:26:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 17:25:56 GMT

GET
H3 200 push01.png
s0.2mdn.net/sadbundle/17874063029151575824/images/ Frame F55A 5 KB
5 KB 30ms
27ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17874063029151575824/images/push01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d40a92f4a8752ab9aea9411ff0a634ac5413c370d5478904939f83821b1bfaac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 21:40:49 GMT
x-content-type-options: nosniff
age: 222381
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5245
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 08:26:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 21:40:49 GMT

GET
H3 200 circle1.png
s0.2mdn.net/sadbundle/17874063029151575824/images/ Frame F55A 48 KB
48 KB 41ms
38ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17874063029151575824/images/circle1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18639aff39e2b2cb36a3a88c3c7505edefef6b75ceaa248864e9bf5445dcda04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 08:27:41 GMT
x-content-type-options: nosniff
age: 269969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49376
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 08:26:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 08:27:41 GMT

GET
H3 200 hl2.png
s0.2mdn.net/sadbundle/17874063029151575824/images/ Frame F55A 3 KB
3 KB 38ms
35ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17874063029151575824/images/hl2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af90fe950a6cc9d6f7f26e1eb07cb31dec0d9cb2894864e391388efc46b476c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:34:20 GMT
x-content-type-options: nosniff
age: 161570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2833
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 08:26:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Sep 2023 14:34:20 GMT

GET
H3 200 push02.png
s0.2mdn.net/sadbundle/17874063029151575824/images/ Frame F55A 2 KB
2 KB 37ms
34ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17874063029151575824/images/push02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b61d45a8c787f4b07b8a6f13585225b5a3458dc359eca5dabc1399fe91c46f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 21:40:49 GMT
x-content-type-options: nosniff
age: 222381
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2016
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 08:26:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 21:40:49 GMT

GET
H3 200 circle2.png
s0.2mdn.net/sadbundle/17874063029151575824/images/ Frame F55A 52 KB
52 KB 39ms
36ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17874063029151575824/images/circle2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abb94051f566228722a19e8331912dff9bb160c51a92fe27a417a5e4393538e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 21:40:49 GMT
x-content-type-options: nosniff
age: 222381
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52806
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 08:26:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 21:40:49 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/17874063029151575824/images/ Frame F55A 5 KB
5 KB 38ms
35ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17874063029151575824/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3208b1d03f1e7859505a9943eed6b9d43a3615c39152e442fc54663181cb11e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 21:40:49 GMT
x-content-type-options: nosniff
age: 222381
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5044
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 08:26:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 21:40:49 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/17874063029151575824/images/ Frame F55A 9 KB
9 KB 36ms
33ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17874063029151575824/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

033b1ca06777e22d8d764b5f85a0a166f19f52372998c0198805d2193c3485d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17874063029151575824/stylesheets/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:13:19 GMT
x-content-type-options: nosniff
age: 267231
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8855
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 08:26:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 09:13:19 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 37A8 22 KB
8 KB 33ms
33ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 273742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 07:24:48 GMT
expires: Fri, 29 Sep 2023 07:24:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 i.match
a.tribalfusion.com/ Frame 35A4 43 B
574 B 195ms
194ms Image
image/gif 2606:4700:4400::6812:230b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEDhvWJzdp8lrVf_4aL5Dczk&google_cver=1&google_push=AZmPxg-R33Su5YbIX5dbZVHmjff0nmV3ETxw8yAnopv--68NxPkTIwXtO8haYm6YiloPhMEXoz0TpCXf3zwRvl8vJmDLtlkcYw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg-R33Su5YbIX5dbZVHmjff0nmV3ETxw8yAnopv--68NxPkTIwXtO8haYm6YiloPhMEXoz0TpCXf3zwRvl8vJmDLtlkcYw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 753d16586ad092a5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 35A4
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESED36ZQCqzTaYhjGNdFhN9Uk&google_cver=1&google_push=AZmPxg_bBY6DsLJ1axBvTDihIdNpTyL7fxKXmHe8NYL4B2KjEq4gShmoFbVPawiIllVpaTR-_WMbAO3...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESED36ZQCqzTaYhjGNdFhN9Uk&google_cver=1&google_push=AZmPxg_bBY6DsLJ1axBvTDihIdNpTyL7fxKXmHe8NYL4B2KjEq4gShmoFbVPawiIllVpa...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=sHyRxM7ERvG_MAUFslyYa2M5dY4

170 B
188 B

20ms
20ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=sHyRxM7ERvG_MAUFslyYa2M5dY4

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:09 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=sHyRxM7ERvG_MAUFslyYa2M5dY4
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 35A4
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPRmNCOqv1CX_Y9rOM_952E&google_cver=1&google_push=AZmPxg_5Tbz0wjhTKqwCIn2CrlEuyjo_oSoTP9Y48sGjAe4UuL4x5BSKZjc640ev4iPUrU1uUKz45Y1z...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY1MzU4NDg2ODA1OTQyNjc0NA&google_push=AZmPxg_5Tbz0wjhTKqwCIn2CrlEuyjo_oSoTP9Y48sGjAe4UuL4x5BSKZjc640ev4iPUrU1uUKz45Y...

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY1MzU4NDg2ODA1OTQyNjc0NA&google_push=AZmPxg_5Tbz0wjhTKqwCIn2CrlEuyjo_oSoTP9Y48sGjAe4UuL4x5BSKZjc640ev4iPUrU1uUKz45Y1z-0bqxzYzuPze724Uir0

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY1MzU4NDg2ODA1OTQyNjc0NA&google_push=AZmPxg_5Tbz0wjhTKqwCIn2CrlEuyjo_oSoTP9Y48sGjAe4UuL4x5BSKZjc640ev4iPUrU1uUKz45Y1z-0bqxzYzuPze724Uir0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 35A4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJueY9Zc5V6WY948IpJNbe0&google_cver=1&google_push=AZmPxg-FHBUoIBOw6uuBHCH7pVz93j03o2l9OtkNCiWKz6dyLS33dXdajZtmbjupiZISAwXP8bh...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhSOURBSUQtMU4tR0RIUA==&google_push=AZmPxg-FHBUoIBOw6uuBHCH7pVz93j03o2l9OtkNCiWKz6dyLS33dXdajZtmbjupiZISAwXP8bhMgpxeUQt4_0v-0gb3GgrvHA

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhSOURBSUQtMU4tR0RIUA==&google_push=AZmPxg-FHBUoIBOw6uuBHCH7pVz93j03o2l9OtkNCiWKz6dyLS33dXdajZtmbjupiZISAwXP8bhMgpxeUQt4_0v-0gb3GgrvHA

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhSOURBSUQtMU4tR0RIUA==&google_push=AZmPxg-FHBUoIBOw6uuBHCH7pVz93j03o2l9OtkNCiWKz6dyLS33dXdajZtmbjupiZISAwXP8bhMgpxeUQt4_0v-0gb3GgrvHA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 35A4
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAM40CENnLs6stONiLQX08s&google_cver=1&google_push=AZmPxg_y3zMmUX-T6bOqC6WpyplZiBdK2vlEJCMYwnfGJdHE0pECgaUTffOvIpSIZKS78XszQ-dyJWPQZ8qxRxHpC...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAM40CENnLs6stONiLQX08s&google_cver=1&google_push=AZmPxg_y3zMmUX-T6bOqC6WpyplZiBdK2vlEJCMYwnfGJdHE0pECgaUTffOvIpSIZKS78XszQ-dyJWPQZ8qxRxHpC...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_y3zMmUX-T6bOqC6WpyplZiBdK2vlEJCMYwnfGJdHE0pECgaUTffOvIpSIZKS78XszQ-dyJWPQZ8qxRxHpCCDlyDNLf50&google_hm=FadPqGZHVUw_sU9SQnKg-CMc

170 B
188 B

26ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_y3zMmUX-T6bOqC6WpyplZiBdK2vlEJCMYwnfGJdHE0pECgaUTffOvIpSIZKS78XszQ-dyJWPQZ8qxRxHpCCDlyDNLf50&google_hm=FadPqGZHVUw_sU9SQnKg-CMc

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 02 Oct 2022 11:27:10 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg_y3zMmUX-T6bOqC6WpyplZiBdK2vlEJCMYwnfGJdHE0pECgaUTffOvIpSIZKS78XszQ-dyJWPQZ8qxRxHpCCDlyDNLf50&google_hm=FadPqGZHVUw_sU9SQnKg-CMc
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 35A4
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELNZA1zVhbfeLxN4szuBVmQ&google_cver=1&google_push=AZmPxg8xgWhqOJsCrY6p9Rmwajedqe7R4JelR01G4QMHiHpAV-R26NUrEZK3UTbdyuEVfnIAKy1b-t-tSt7QHVSs...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg8xgWhqOJsCrY6p9Rmwajedqe7R4JelR01G4QMHiHpAV-R26NUrEZK3UTbdyuEVfnIAKy1b-t-tSt7QHVSsJQl-BOX1cqY

170 B
188 B

23ms
22ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg8xgWhqOJsCrY6p9Rmwajedqe7R4JelR01G4QMHiHpAV-R26NUrEZK3UTbdyuEVfnIAKy1b-t-tSt7QHVSsJQl-BOX1cqY

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Oct 2022 11:27:10 GMT
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg8xgWhqOJsCrY6p9Rmwajedqe7R4JelR01G4QMHiHpAV-R26NUrEZK3UTbdyuEVfnIAKy1b-t-tSt7QHVSsJQl-BOX1cqY
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: _CUNfEVZ70WezlLhLJDHRyUP1k8Jwwf0owXJ5cpUEhCrLy4BCrD7GA==

GET
H2

200

/
onetag-sys.com/match/ Frame 35A4
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECsHzovzHMVkBIrA9DFc-3g&google_cver=1&google_push=AZmPxg9vicvisAo-BmroQusB5ACWcoEFkERX3PqAEQRe2UuHBTAPVMGFhMw0u5t0FPIfIASZjkoQz-D3_8m...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg9vicvisAo-BmroQusB5ACWcoEFkERX3PqAEQRe2UuHBTAPVMGFhMw0u5t0FPIfIASZjkoQz-D3_8mq_D6MHz79xoXQ1DE
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

11ms
9ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 35A4 0
12 B 16ms
15ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LKQYhuevzSqmUQ4Qsz-p-8H2HHNKpuewCQDJ0uI3ws-W43UOL_Ugt_nENqtruNrfC2692SGw

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1215 22 KB
8 KB 28ms
27ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 273742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 07:24:48 GMT
expires: Fri, 29 Sep 2023 07:24:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36DA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHY-5sPFyG5NrzlCehOqrtA&google_cver=1&google_push=AZmPxg-hu1Ilch6z3hrXQhfYfnw7NLlO_dUId4XrFcfi4CwS4WXbW4LZ2luniVg1uynRFjV0lghg5z8hKuCzUGZX...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=G3RjOXWMSgCwWHC_xIUOKA&google_push=AZmPxg-hu1Ilch6z3hrXQhfYfnw7NLlO_dUId4XrFcfi4CwS4WXbW4LZ2luniVg1uynRFjV0lghg5z8hKuCzUGZXX6SRiiaC...

170 B
188 B

22ms
21ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=G3RjOXWMSgCwWHC_xIUOKA&google_push=AZmPxg-hu1Ilch6z3hrXQhfYfnw7NLlO_dUId4XrFcfi4CwS4WXbW4LZ2luniVg1uynRFjV0lghg5z8hKuCzUGZXX6SRiiaCNXjI

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 02 Oct 2022 11:27:10 GMT
Server: MT3 4525 e1952b7 master cdg-pixel-x24 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=G3RjOXWMSgCwWHC_xIUOKA&google_push=AZmPxg-hu1Ilch6z3hrXQhfYfnw7NLlO_dUId4XrFcfi4CwS4WXbW4LZ2luniVg1uynRFjV0lghg5z8hKuCzUGZXX6SRiiaCNXjI
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 02 Oct 2022 11:27:09 GMT

GET
H2 503 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 36DA 0
83 B 12ms
7ms Image
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHwnl4ursZTQMxKWfohqc3E&google_cver=1&google_push=AZmPxg8VTn9As7mwjgBfR1cl6bDf2SqouGYYiwiXy7Bp7JXy0RABcR56SkyISCng6nLDzGsTlinF4WDfxkxqqLQ1uIMLV08IzU7Z
Requested by: Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 0
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1664710030.157796,VS0,VE0
x-cache: MISS
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn4026-HHN

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36DA
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEE_hBEo42sTLjBoLPRRhPbk&google_cver=1&google_push=AZmPxg_2nJXIdcAcniMSjBCGPPhN8vd-sbfSkOGnUQuZi5PiF0GRnfIGhllqpH7XwIigOJduejI6NbX6azQYSm2afG7b-HXprP9-
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BB5F013D0844418D8818FA1B516D05E0&google_push=AZmPxg_2nJXIdcAcniMSjBCGPPhN8vd-sbfSkOGnUQuZi5PiF0GRnfIGhllqpH7XwIigOJduejI6NbX6azQYSm2...

170 B
188 B

29ms
24ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BB5F013D0844418D8818FA1B516D05E0&google_push=AZmPxg_2nJXIdcAcniMSjBCGPPhN8vd-sbfSkOGnUQuZi5PiF0GRnfIGhllqpH7XwIigOJduejI6NbX6azQYSm2afG7b-HXprP9-

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Oct 2022 11:27:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BB5F013D0844418D8818FA1B516D05E0&google_push=AZmPxg_2nJXIdcAcniMSjBCGPPhN8vd-sbfSkOGnUQuZi5PiF0GRnfIGhllqpH7XwIigOJduejI6NbX6azQYSm2afG7b-HXprP9-
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 01 Oct 2022 11:27:10 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36DA
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELPFk67qUUKBVl8zdmEO3tQ&google_cver=1&google_push=AZmPxg87VZH2uOlY5Sp7RggzM6pcDIJtMgR2YF0i1Bdos-UxH9UeSSlV_CW7XtIyWn0gg96KhM1DFNZFIMb...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg87VZH2uOlY5Sp7RggzM6pcDIJtMgR2YF0i1Bdos-UxH9UeSSlV_CW7XtIyWn0gg96KhM1DFNZFIMb28Fvc9U9zgqQvLbET&google_hm=fsvM-UYQQlesQQx8IrNqU4Q

170 B
188 B

21ms
20ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg87VZH2uOlY5Sp7RggzM6pcDIJtMgR2YF0i1Bdos-UxH9UeSSlV_CW7XtIyWn0gg96KhM1DFNZFIMb28Fvc9U9zgqQvLbET&google_hm=fsvM-UYQQlesQQx8IrNqU4Q

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AZmPxg87VZH2uOlY5Sp7RggzM6pcDIJtMgR2YF0i1Bdos-UxH9UeSSlV_CW7XtIyWn0gg96KhM1DFNZFIMb28Fvc9U9zgqQvLbET&google_hm=fsvM-UYQQlesQQx8IrNqU4Q
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36DA
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECsHzovzHMVkBIrA9DFc-3g&google_cver=1&google_push=AZmPxg-_xvE2ynwsBcxIL4eCTtixjhY25DbJl1rZXbkCJuLp7RCmKPRdsm9UBRQzzMSe1QwUzMAgXum9AZsS...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-_xvE2ynwsBcxIL4eCTtixjhY25DbJl1rZXbkCJuLp7RCmKPRdsm9UBRQzzMSe1QwUzMAgXum9AZsSjmKwgfa9Bg9yEK4E

170 B
188 B

21ms
20ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-_xvE2ynwsBcxIL4eCTtixjhY25DbJl1rZXbkCJuLp7RCmKPRdsm9UBRQzzMSe1QwUzMAgXum9AZsSjmKwgfa9Bg9yEK4E

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-_xvE2ynwsBcxIL4eCTtixjhY25DbJl1rZXbkCJuLp7RCmKPRdsm9UBRQzzMSe1QwUzMAgXum9AZsSjmKwgfa9Bg9yEK4E
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36DA
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOaeeXOZ0ztXaq36mI4ZIu4&google_cver=1&google_push=AZmPxg9YoMeO0K6SiDcRHZZq2TnkWV0HS65MfR4zswovHS0wye2hom53bkxgikl0N9u5GT29I8kA9uc5PbJlIQuxgVQNxW1ygZc2
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxMDc2NzE4OTExNzE2Mzk2OTE4MQ%3D%3D&google_push=AZmPxg9YoMeO0K6SiDcRHZZq2TnkWV0HS65MfR4zswovHS0wye2hom53...

170 B
188 B

20ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxMDc2NzE4OTExNzE2Mzk2OTE4MQ%3D%3D&google_push=AZmPxg9YoMeO0K6SiDcRHZZq2TnkWV0HS65MfR4zswovHS0wye2hom53bkxgikl0N9u5GT29I8kA9uc5PbJlIQuxgVQNxW1ygZc2

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxMDc2NzE4OTExNzE2Mzk2OTE4MQ%3D%3D&google_push=AZmPxg9YoMeO0K6SiDcRHZZq2TnkWV0HS65MfR4zswovHS0wye2hom53bkxgikl0N9u5GT29I8kA9uc5PbJlIQuxgVQNxW1ygZc2
date: Sun, 02 Oct 2022 11:27:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36DA
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOfOX_t_5DNjcZq7fX2xwZE&google_cver=1&google_push=AZmPxg9F8lzUUTkDGAonH18Vmzgyd6HSapN5PkiY5nSv7tp-SjyFmbpi9cM0qauQi7ypv-u50_...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VT3FkbjdCRTJ1Ry4uWnEydk5nMU13VUtpbjRfRnhrY35B&google_push=AZmPxg9F8lzUUTkDGAonH18Vmzgyd6HSapN5PkiY5nSv7tp-SjyFmbpi9...

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VT3FkbjdCRTJ1Ry4uWnEydk5nMU13VUtpbjRfRnhrY35B&google_push=AZmPxg9F8lzUUTkDGAonH18Vmzgyd6HSapN5PkiY5nSv7tp-SjyFmbpi9cM0qauQi7ypv-u50_aIxgNuy7It-OZTjtY_S5OHsDZ_cA

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1VT3FkbjdCRTJ1Ry4uWnEydk5nMU13VUtpbjRfRnhrY35B&google_push=AZmPxg9F8lzUUTkDGAonH18Vmzgyd6HSapN5PkiY5nSv7tp-SjyFmbpi9cM0qauQi7ypv-u50_aIxgNuy7It-OZTjtY_S5OHsDZ_cA
date: Sun, 02 Oct 2022 11:27:10 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 36DA 0
12 B 22ms
19ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IyB6ADgsKW0-F7XSVviomeKgCB5PHpzWG5KoGTr6RzxtSmLzi3QK-epHgef5oLE0brvhW4pw

Requested by

Host: 99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com
URL: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C87 36 KB
16 KB 27ms
25ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 19:20:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26D7 0
20 B 63ms
57ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJxQPjHU5Y9CkNcixx_APsPaPwA4AAAAAOAHgBAI&bg=!PzylPHjNAAYQgTJdMIE7ACkAdvg8WlvL6gRMzoirKZZisa-38bIR4rHuvpkjyBXI6i8kLaquAUZj7wIAAAJ-UgAAAAJoAQcKAF9jqPPtPjYZ_c3sZORTcVW1uXJ07pVPdzgSdwS_jfVOTao-t-crYtT8f5aSr4oBk1U0F2DO8u8ZZ3_xj827dgNq6ejozGyl0aTgzK8cEGDbbIMaaNee0ddXAvHrp7uCoJkC7bIeNBP7HdFepDgkYCYO0M5ceAJX4TzIuoVv_f1hJ_X5b6WrqEwevsQd897MfCkzCY99fEusVaFniz-eVrUUc0oFAbWvUP36M9hAF1g4sqwCpSVatnFaS2dQuXbK8wNvqPY_0VoJvN79ahbABMPiIIC0pOlOzXeK8LrUuC4brEXlylUYhO4V8vAHsqs6cOThLGpAJEfd8-vW2DCD-KEGMnaqe475A8D4cSw9ZCsAUiUizSw3rfpZEeeJrclkgbG0zQN-zNhEo1PIfspeRrF4tH5c4V2b-jeuyeagST4B5qwYJnbFf7GOo66AVfXtSKufWH4Nsr__G7nkwXaJYiJ4d1B6dHd149rWa7-wEBKCDBf5wL4tRVOvnpTsEKXt8QFdSruP0C_HprTijwWSP4kJ50ig_1l8ST4FxHK4cLj5fl-BLYzDlxDAMAdV-zCHv2zf0jiGqHvE_rrNE2USZ5Pz579-CBnTquC3vvMZuE28FwcYAji6-92rv7xoYf9i1b4LzEd7qNeL5pjIxm98j19Uf2EMpjkyUYi1M7VNHxFkf09eh2O6e6xaSh-dibxIr6QMxFL9BE24f3vx_sXyd0A-CuHBU6h0envkf9k4nFjFnh7PQhQcJ5HmfcccpsyujLts906HeAbcYHEbmUw8tLQB_tb1ZuutrLlDOCC854vUQ8u222qP6LsLhdEcJPERYSAxBuu9w6Pra0i84_es5mW7UhAaU-JuicAAc9kMoagsNVOTr7-dnxxy2b5f3-cxie5hzBwL7Z8exyet56iVJOUc80t8fGOJZiErdxLMnbCot9GwiY9EVudrfiwT6bEXAuLj5hshKe6ZAMAoM4Zf3Ml_9MgdGC3htJZ1GujPulcq3apIOsRaC-1213Ja_N5kydxhSwpPjkOIYlr-NcEQeY_52lSYvzd56kj0PwgUcitZOpkVtbmQuDkG197ruZZ1TNzcirOJxTrOHcodeGnQtlj6NtS6ElBcdeu0KxmDh-k3

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CEBD 42 B
64 B 147ms
91ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssS9UmagoEV6Rij0HzybTO6-GhmalWKanLd4yIFXLtPQ99Nb6mieOVx3PU7lsjdJG10w4PK7HpeQZY-sUeyqdYG9prG72LJ1qH59mTpVWmZXlmBhQYqDfPfi3bcLMgrlCDCJ8767w&sai=AMfl-YT4josCb2nKSBYdrcgDQ28haVM2p_rP4zJ77barkGLAZ4j2akd9EhQZs5jHDt0qSxix1F5BFzsdYR12zACVLUaQKxZqBdAY59eIKyGoKROiJTUbqULGbhBF0UsYOpk&sig=Cg0ArKJSzLEq-yUv_hZLEAE&cid=CAASJeRoS8kAsPW6BhbumEOoIjWBcZSWOKrTa4pTZpShxjePXjRcaqo&id=lidar2&mcvt=1047&p=20,315,270,1285&mtos=1047,1047,1047,1047,1047&tos=1047,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=885339185&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664710028711&rpt=411&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DFDB 0
26 B 49ms
49ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssq8_1GBMykJ7AyuWm_NCy5nQBvfjlrbJmi7qd7RBsgUfb_BynOMTGKdF8FRgRo2T5kLKRxpPurJnudPhcyFDSYe6_3cvCiiSh2PnFDj626l0ag4vXBs0dGGVUQgOFes2DafRTASHUKHrNOr1jjdz1GJThPaWqWVvzbQTTwT0VhsPP6xU5LYQ-RqCxzxxc1AzCXR2tWf1UQUp6OrV7GLJ9KlKvPJDW7W8OQXg3y0EUcWoCeAWdhqP83iaUHOUet5l8vkPoQPCT48rRcdOTCgJhMsdCJhcHlfAounJyvNRgreE_upQP0zJCuUkbMPz10LyHItM5NAciKNKTaC9EMAoCE84Rly8PQzGmOG50OsjzBMIh6HahiYRG5PIZccuP3ZkzYDmLSo_gKKmSiPyCkPSaeu6zxNyfTHZcVHwbLNgHtbUQuFlk6dexWxeAvfGF3vfrwJjMdetGAz8VRvUWhxz6N1esavYBNCy_QF1Mwxzlh0lM0CcbcvuocoNzS0nPorxEr0e227R05mVhPcEXGgKRVoA33xciwFjQ1qK-FvVaXlDkkEhA-mNILa1Q_KNtB5Zpwtg_bieeXv7KHZAk4x3U9TmCCQ4fe1Du8CEJLCqCIzjJfkhYWdOJ7krVEV5QRlEacxURIdShis9N3Gah0U3SUf5ErFAKtQS9S3ThuB0P_4Y6x0u3vauieww9TgQdFFi32g_gST-CE5C0_qIjU89DwKjI0SMNzVoxo14tOi8xvewBFpITj6ysgdWrEvvVzAXZE7RO3fJxOD6AMUVqqQceNIaMo6u7MVAcRhV4m1XYNI3BUy7TqPllLm3jSB6ILXxXCQPYx8yXX2voQmYUGbK44foruKy0uUTOc0kpP-ttqcOCAAklzoYiXJ0FqZ_zJf81-DNK7k_7odNOQHMgGgpcianMC4dz7jpxEIK8VOWKQKaeF0Dz0zdTn0orpbMowNI4iYxrvaFQvDe3WV1Is0uHs8G6Bk4RZFA1vWBMJUvl82hFwd5ekYBpAw7p44ZSCJorDQY71eCTCcVJz1jmlCXhOJFrNxvS9tChYAr0B-Lpt9v-IScmdyuOv-7vNsCs8-6sNwDkKj-p8rk2OErVKBwh_eYrArPm1Hkjn_Lx5gWGAqmM0NImFr0uew2lNIbabeIH_tmBQZ21JNaj3d8SH217KxZEnhIiErG0aoAWDdiI1Aa5NOl4a9R22mAtTZVqJm2Y_qaD0LDJT_g&sai=AMfl-YRDf9eTcnpvnplb8NE_p-lubfhjcGY4onlEiess_ABwkH1G1V6jsUhhglBDI-yCBKLPBg1mhmpzKyvRgC6Khws8WxJEYo1Kx2TDnHjicFdUfUTLgH6-nHPgjRAdEZOaIN36bGHb73NwrhRU98jkG2v38XQ1hl2khQBkKOSgXFC4EsTKxNQLCn0okU_ZEhy-oNgUt2_JlhE7xLk7NMUCAYQ68RI&sig=Cg0ArKJSzF-vWYFJTtd0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=543&vt=11&dtpt=357&dett=3&cstd=183&cisv=r20220928.21023&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2CDF 0
26 B 48ms
47ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuP2mG7q5YmcgDDek2BR-D2YjuL_gFTwXdpUcFX9de7pOPsF76-Bud46ciVaGNq6DCTvSLt8PDbF_Ii6XSu58sekB-_zkPmyPARNybu51hEz6KgrA2e57mICUkimL5NwnEQUrtnROF9V0DpltRxVFy0Rjth48Nw2gtS_Te9g6J-YAjBIKakDJLv0iae8lIw1dC5ePc_yQpm67Xz8S5by9k-CKZZ5WX7VjI3bJW-b9XpNuU4JfKQpB4qJXlNX8BKrXlwgX7mC5bbmk7VUIkFSxtCuwarfOXkOSrkQN-oZNGjaEcPkj26ibKH7VUTcc0io3bUkyBpbhgvX6P2CSkmVV_8ZvyjmnldXLKajdTdnpNlaGwlkAADJ2UdRhC0OgZ0kcW_-HQXbmrNRkz8Ma2LjJ7dkrvKNfk1k7-e6Ru5QgsrO-KgMsQYRPEqQByptYI1vhIW80Ve4iELlBvFhd7Ussyrm2HIOkNC1vyR8s9iM9prOCgfQ3uPOj1-qKPie-MXpH35uVfVywbA1X0lTIQdcNRuDeYZoVZMeTrWvg1ti9OtzThhjiyaf7hoJnTcLF7OPUvs8od992OEuEYgODDXm_IxlsZw4g16CciKDVlL77mZUomCTMMExbmnLJOaFt4_LA_H59grheuGbmQpnToFK5-MO1MFgXcHCR-B50dL0XnIbjFacqMv9BCBWZNHztyr3BcguuKghmdpeyC4cyTwX3wx5DvB8tFiiT04ai19B5h3r_nWO0V-2ewQXycOmq_nyGeq9Wg4xU25L4eq0m6wBTeoosisNIof4MUdqtM7CKOjHkRcf8UvcB_hr62xogfS76rmuXXyKeKqOzGTH72P4J-Gs8xJ5EfI6d6Oo9g1YryIbb-8QETiEJDS0F6Th7WuhKRbHZ34HpltfskizlrnSAKqQeb9gNv30PYuq6tDjw14qVgceqLjdS8Mab6fhLBHbAGVoXgTJ1OCC6naLfwwe1VZ9P-3xVZObO-o8dJXkuIQWsb6yE4rHtpqkmB_HavErEQXAIPOrZLUt8DIYga7C3wvmTlBDMax5nnMXUeVXADa7pfvzSFStjL5Es609oub_vLn4OfvrGuYNN6om1VV_3StAL8XH-aUVNaVnFg-Lb-uREmUj6Ye-Yohi9csSFmJJoYVgmLmJJXy_uy4SCB1nJu6b2NnM1eGI6yMHa_NImdHFDxuSoMZRfPluE8WqqNrASdgCncW33uaIbv3EAAZjGy5QZC-sq-gAd84i2Ep72wlHZsHGGtAGw&sai=AMfl-YQ5OVr7NaCvnL7eWP4ZHbl2WuUmZZefJJFYfLp6SfVzWOoGeOUpa285FZAJnnvjJi80590JeR5Hfd5QVx2p2gNfHr6mhtuklyf3GgTo04wC2-N1VBbqdAkwZo4kpMAj2hUCcyuzL5pNco3VDk1OBOCvV54wu_fRUVo7chNK7k6oVOcRWPC4gzziXUKOZIQDHOzCwC8xwZHCgFBOFsSPfBjToLvGuZlKNtvOuwRBx60Vy51T8zjR&sig=Cg0ArKJSzMBssTx7TlozEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=719&vt=11&dtpt=373&dett=3&cstd=338&cisv=r20220928.13203&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/12809638294083468348/ Frame 16B3 3 KB
1 KB 59ms
59ms Image
image/svg+xml 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12809638294083468348/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12809638294083468348/1661867165592.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12809638294083468348/1661867165592.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339319
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1365
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 10:34:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 13:11:51 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 4EE5 0
179 B 106ms
17ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:09 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6177 7 KB
6 KB 55ms
54ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aecb443a9911979cf3826ed0c81da8d7da29bbf922ad5b01d81a71462e0c76c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5633
x-xss-protection: 0

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 37A8 36 KB
16 KB 30ms
28ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 19:20:51 GMT

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 1215 36 KB
16 KB 34ms
24ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 19:20:51 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8D40 0
26 B 53ms
49ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsudElQkaGMcwl3rqPWvp2Lb9FmlzSiytmbwEG-Putgs3m7nzO3-AvGmohy0BZZ7FA5BKG08Frg7DHVlyMEZ3ZSv24YPomA6rCRN2hA4e4Fug0bNjalnomAQ0QMNpuNqq58zWBoGKHunoU5XqCL7nTq2pzn_JIulTFG1P_B0sNQk4yVvNk4lCNjSgjMhtK4kC3mV-rp9owernGrUpIL9EsxEijPZLx6VTOe1bUf6L7gKcvDzthTIY67506qz9YTUPE1uJzTgNAxlh0MV61C5Mtr7LX0CAhdNOtFDBDzQOaGK82tmQytxbeVGwJcAm5hTvUC5fF1CqJtq_jVGDcZqIPXj7Xx_dT1apuoBKV6z9dZMAxHvBKxGP922INf1HvSxBCWk9Sd7BpUzrindU7N8zOPkCeaaW_VfX-rjhKFnV6Ghcx15NyIKjRj6e-_G4pDgjOks2Xz9KbJNLuLl8xmIsKS5Ekdi_Qr8jIlS9bcduoTMO0EnbK6tK5uNbsVAGqhps07wfyeXsy26n5iQWKkJmTQcF2GysIr9Lv_hJkguqFD7X-f3R_ZaGL1EJqpt6Z99YGJQUg8JWaSCiv-4fp7Xstb1jxuWPNrrbbPpsVyx92yqnP3bSyBEiBr4SJEU5iZamqr2mLgJ9UKrmiv_zKoNfrDaul3FDKfwJ80XM-h_cu3BQQ9XHD7T1brPkIG2DcFgZPRor8O8vajk5SX8ghaGrcKlapWyS8o4OI_Dj9e9tCZQKNC18VhpuS_mQzO5HoFK28RxuKbfJKYxFOyTXU50vF4RDcQobH0YrTPolTmYkc0o2qflJmbtWW5_JNeLaurOp79CoF3ooe9jnClkDTzciguLJI9xqgWblabdALTmER5heFvddCB7XUpXSNh-3ZQPASpJW1VaUynZhQt5KdK_WTCtEW593TovZ3vgKKPyWHuUIv3qEdRvoSXp_eFyRWbqtEG4i3Oe51UXwiXK90P64zgSEt7DtcKVhHrcGyY27etPHONavhjuK833lNoHerXTRpEs7tVoa_mSs0Ow7qeGt9nLNFk3hRJGIL6sXsFdPASnRQ9skZ7Mz86-Ur03HQLgBc3RH6z65jTqqFoCh0O7-Bp0ZfEiL5UNdXT5qrYu9-xc14LGHsyoTF4aeBwo-lrOvyAeXufvh0p3zP4lzw5H3W5YwLdLiN_blLwc_1simZxRwf9WAJ_HyoLbWBri7Z9G7tAojbOax2wYv4DSBRHc6US_Rg1gKn5Blg&sai=AMfl-YQAeIXEMYxsXJ4HrzXG2VfyPdcRwT5n9cjS1r8wU41DY_bTFVxY5vMTfw_XzzAg7wurcS2lGDjcIYOpNyZ6_DtVcv4h03nffkBHNouSCrY3_yivrioJUmRed920CpQPLYfb36lQ4lChPSrWHE80Y8vU0W2JyRFCOBjwi3zwVt8r430XN6PnHO2Jg46aKn4Nvrfe7jKTNiDoaoMhk3dg20x2I2c&sig=Cg0ArKJSzN3GRNJsJSseEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=705&vt=11&dtpt=475&dett=3&cstd=220&cisv=r20220928.56663&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 51 KB
16 KB 284ms
280ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=9&rand=42715&key=NANOWDGT01&widgetJSId=AR_25&va=true&et=true&format=html&t=YWY5NGIyOWE1NmE0ZDQ3MzY1Mzk2OTdiYzE1ZjgyNmY=&adblck=false&abwl=false&px=0&py=2452&vpd=1252&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&em=1&settings=true&recs=true&version=2000902&sig=kO6C5lSo&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 71e09361c650e61662928702085c424a099934bb9aef1233b657bcbe369a6dd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 02 Oct 2022 11:27:10 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1664710030.391108,VS0,VE264
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21966-LGA, cache-hhn4020-HHN
x-traceid: fe3df9ceba38ab2ad83a31cb00b19062
accept-ranges: bytes
content-length: 15884
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 60ms
59ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c4d74c9e818aef860d22d0d9254929742b01c04dc4bf1b27968e64f58fdd5aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11282
x-xss-protection: 0

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 16B3 13 KB
6 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12809638294083468348/1661867165592.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 08:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Oct 2023 08:58:14 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 16B3 7 KB
6 KB 54ms
53ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09ac542204a68dedca495f08541d4164c32b31362459e8dcd9159785c537291c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5634
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6177 17 KB
6 KB 153ms
152ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 11:27:10 GMT

GET
H3 200 blank.png_1644258969663_blank.png
s0.2mdn.net/dynamic/2/10923853/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/single-files/image/png/152d175dde739a79e9397f1373ad1fa6/ Frame 6177 930 B
959 B 29ms
27ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10923853/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/single-files/image/png/152d175dde739a79e9397f1373ad1fa6/blank.png_1644258969663_blank.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b45124cb404564b355f62ca079dcab451a55d21c26cf9ffcc69434d254c312b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 12:52:53 GMT
x-content-type-options: nosniff
age: 254057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 930
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 18:36:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 12:52:53 GMT

GET
H3 200 IGlogo.png_1644258969663_IGlogo.png
s0.2mdn.net/dynamic/2/10923853/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/concepts/5f4fffe045825c0006a0d7a7/templates/61896af333732372dffd88f6/content/ Frame 6177 1 KB
1 KB 32ms
30ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10923853/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/concepts/5f4fffe045825c0006a0d7a7/templates/61896af333732372dffd88f6/content/IGlogo.png_1644258969663_IGlogo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac5355b6274ed152e47435f3b048cb0fc73afd0f09c558f891ec710852cc80f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 09:50:16 GMT
x-content-type-options: nosniff
age: 351414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1090
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 18:36:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 09:50:16 GMT

GET
H3 200 blank_-66_-249_1.00.png_1644258969663_blank_-66_-249_1.00.png
s0.2mdn.net/dynamic/2/10923853/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/61406dcd20f9cf25095312f0/original/ Frame 6177 3 KB
3 KB 33ms
31ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10923853/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/61406dcd20f9cf25095312f0/original/blank_-66_-249_1.00.png_1644258969663_blank_-66_-249_1.00.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2a28c6872766adcc2085c1bea236114f8518322f10d60ab02bba84be4923c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 09:50:16 GMT
x-content-type-options: nosniff
age: 351414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2684
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 18:36:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 09:50:16 GMT

GET
H3 200 GettyImages-1090693602_4964_1_1.25.jpeg_1658833216303_GettyImages-1090693602_4964_1_1.25.jpeg
s0.2mdn.net/dynamic/2/10923853/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/62d19165d2383e773507823b/original/ Frame 6177 18 KB
18 KB 32ms
30ms Image
image/jpeg 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10923853/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/62d19165d2383e773507823b/original/GettyImages-1090693602_4964_1_1.25.jpeg_1658833216303_GettyImages-1090693602_4964_1_1.25.jpeg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd9d6a8f98a60c3e645bb84377e5402fe1a23062c8a31059e91fac72a1d5d9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 12:04:26 GMT
x-content-type-options: nosniff
age: 170564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18560
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 11:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Sep 2023 12:04:26 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 16B3 17 KB
6 KB 150ms
150ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 11:27:10 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 148ms
147ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 11:27:10 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 16B3 98 KB
98 KB 31ms
30ms Font
font/woff2 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12809638294083468348/1661867165592.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12809638294083468348/1661867165592.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:13:26 GMT
x-content-type-options: nosniff
age: 824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Oct 2022 11:28:26 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 16B3 57 KB
57 KB 27ms
27ms Font
font/woff 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12809638294083468348/1661867165592.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12809638294083468348/1661867165592.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:13:00 GMT
x-content-type-options: nosniff
age: 850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Oct 2022 11:28:00 GMT

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame FDE1 36 KB
16 KB 24ms
23ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 19:20:51 GMT

GET
H3 200 l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png
s0.2mdn.net/4528404/ Frame 16B3 35 KB
35 KB 35ms
34ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92131580be33adc0f7f3e63a86eb2fda7a504d599e1347cef2dba0ddb5ffa45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12809638294083468348/index.html?e=69&leftOffset=0&topOffset=0&c=6n9Ph8lTo9&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:38:25 GMT
x-content-type-options: nosniff
age: 10125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36233
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 03 Oct 2022 08:38:25 GMT

GET
H3 200 m1pxfe7f07bf-18f0-4375-9c94-23dd3a5c13e7.png
s0.2mdn.net/4528404/ Frame 16B3 157 B
188 B 34ms
33ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/m1pxfe7f07bf-18f0-4375-9c94-23dd3a5c13e7.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c32d94582973c620eee44273526d176fdbca5b8b36505c6142ed3c90c71882b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12809638294083468348/index.html?e=69&leftOffset=0&topOffset=0&c=6n9Ph8lTo9&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 13:05:19 GMT
x-content-type-options: nosniff
age: 80511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 13:08:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Oct 2022 13:05:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 532C 13 KB
5 KB 27ms
26ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 250504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 13:52:06 GMT
expires: Fri, 29 Sep 2023 13:52:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4C2F 783 B
534 B 50ms
50ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b300b2e9e134aaa884afef098abbd1353e0b5e6c89cbfb599974a51831d74641

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tbk5CZygAGFfCyhcX6MGVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-tbk5CZygAGFfCyhcX6MGVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:10 GMT
expires: Sun, 02 Oct 2022 11:27:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame C4C6 36 KB
16 KB 24ms
23ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 19:20:51 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 90 KB
24 KB 928ms
928ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=AR_25&key=NANOWDGT01&version=2000902&apv=true&sig=kO6C5lSo&format=html&rand=94551&em=1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=YWY5NGIyOWE1NmE0ZDQ3MzY1Mzk2OTdiYzE1ZjgyNmY=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=9&lastIdx=9&lastCardIdx=0&fAB=no_abtest&dpr=1&cw=1600&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000902/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2aaf67789593f74600077d19a0870f89d5ae777a5d4711dd40781a80cdf09ff7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sun, 02 Oct 2022 11:27:11 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1664710031.752628,VS0,VE920
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21934-LGA, cache-hhn4020-HHN
x-traceid: 4ddda406554796a090fb562fd29b2d4d
accept-ranges: bytes
content-length: 24087
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png
s0.2mdn.net/4528404/ Frame 16B3 35 KB
35 KB 26ms
26ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/l5gb-tacho_fairflat97069ca6-ba9a-458d-b518-e9e966091518.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92131580be33adc0f7f3e63a86eb2fda7a504d599e1347cef2dba0ddb5ffa45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12809638294083468348/index.html?e=69&leftOffset=0&topOffset=0&c=6n9Ph8lTo9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 08:38:25 GMT
x-content-type-options: nosniff
age: 10125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36233
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:14:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 03 Oct 2022 08:38:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C87 0
20 B 59ms
58ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Brr4fjXU5Y5rgFv6-x_APtvWb4A0AAAAAOAHgBAI&bg=!RUalRgLNAAYQgTJdMIE7ACkAdvg8WnukYtQDdgL_GY3bXgIcYepUON-HJWtOrUo_ojaBJC2K7U4OWgIAAAG4UgAAAAJoAQeZAvS8oJGfmMW3HKFD3Z63AnnvOE_4rIbjqoLAgHPcEuENlv3Gum9v7CRuCJoxFGiOA8okglRm_-3rUDGHec857llOvrDyrGxJTZQYhgmCzrPlRbYisuk4JI7ubbtQz07muDoZ0E7ULSI_ng1qGL1Jhi6ImMQ54VPNGZwQ460r7MIyZP2CWNrF4fnKQ-RClKthP0nCrLuUtDGPdBXXOPLzf9tVIVrcsukGSwtJ2eBR94AMmyfVrpK4Yzgr4ZjVjuSTIt-DIFsSVRLHfYGpTyFuUtvfDoOTWzP3HwChKqsZXxIx10WGsY3JPSnoeFkeNqesDLZCEi0by4WewCU38-l0X3olGmglyI7U0NmEOc3vor_6Y140Qig5o9fXvkjjR4UroinyKizG8CWq3AbfeTB5zUqmCQz6xs8axn9vQ2AU8jcjQf-Gpxv-yVkj0BXy8vdsc3btvDd5QsVJyuhAD0FKwUWfs7ZOVtwmnB2iILaq9aBSnSQxN-UKzMC8LhQpc1jE8bVlMJMpEisfgRBvPiy3ujIDFaIe_QhWYhYxzv3i-uXKqchIHChbbTAXQIQObnHd8piEbHJLbbXVmuVRrGsUwO-vTRgxC51-egM1IsDJ3miEjwzUTjN-ei4jydY6TQg4SvjNV89ftnRb0pc4mzH9NYoDBzJ8X07YvB8bXzSSxlhko_KAUgGTS9rcwz1PRq3psyr7GyciQFAlPvlwaAaqVU3xdGnzGXhg0PzhnF2jdlAzDzu7uV0md7J-rGnIDz6XYUMhl7s8wNtuHcLGb8UF_9p7SbQhVPNE4Qvt5eeTTZqaMgHvSP3o5StK_8119Z4De6IyoIothhoViy1eVklGr1RjLjCWQAK7B1klVB2xggNYMN8sRYmUJluZGBFExOv3qfUsQi1bbQAuKQHpQdFRHp-BFXcsVmDitoYT5jaaVd9BX-z7jxMXAr2Q7KOax9hctJLTuZSXK2GpXw6ujkQfX4nUDinNR6kV3GhALP24W1NUH0RQPHw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4C2F 0
0 55ms
55ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092701&jk=1831061958089898&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2CDF 42 B
64 B 69ms
66ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGyAZFy8ylnkO7p6Gj2Cs1Goyy_vBkRddazE9AOPUx6Z-7YsM4ckmh_5GsnFetnwF1SswOFtkYB8GI5rKe5pVIx3UWZHBKO3zsjGCY6FlBBf127LdD7ouWGgWw7mVdqiTYtmDZig&sai=AMfl-YQ4frTXKwxkaLfyeCNG-uT7022QHb68ROGqWJu30SHuNZi3t5_Uky_3cezTCy-blwsIN5s4PtYVOor3IQi6UfRjsGHNx4iqI1dnn6GGSuL4UCm4TqG4iqOYbEJdnwY&sig=Cg0ArKJSzAG8ae_KhoaqEAE&cid=CAASJeRoGsVDiShraDazuIpa_dt4j8LS-A9qZ-P5wuzViFo-pjQnhTA&id=lidar2&mcvt=1021&p=451,1558,491,1599&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2273020712&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664710029225&rpt=531&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://99ab3016137edab18224117d1c0dcbb1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 532C 36 KB
16 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 19:20:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 37A8 0
20 B 58ms
58ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1D1WjXU5Y5jeHei4x_APstC7wAMAAAAAOAHgBAI&bg=!c3ClcDTNAAYQgTJdMIE7ACkAdvg8Wo0fCWyqDP4af07kgk-uweWbNtEp7HbTtEyRrNX4gdBrMHjUmwIAAAGfUgAAAAJoAQeZAu1EHdvwk8d_nc4T_Evew73RYq9zxlohTJkxBPytNrBfWOFqxQDCCnCQ697kVtc1VsgZERTKkyjjyIDNY4Ohv7GM6RGI7kIEnkehhE5eDLpqKd7YDITdnUeadcth_0AutMAfFupY8r0Mcl2_klLP13QjZ8j-v4HVGC-xZ6Pbun2Yz9aiGlQagCdzkj5yp6kLDeGQ5opOe3-EWivlB3oCk16f3IbDWsnQM-zzOL56OSCkHKB5fExS9GK90-TdbDWi_LvoLaBF178Zra9W4HEKgfg0G3EJYJnBJVOC5vgk8D6cKhunztPc_Qes5CTDCrrHbkRMbiCt9tBOXdT707rP6brf7ErTajsBtRbbn7mIxlXqZ0mEhyH0--E84WRbUqoGytOLDfXs2MH2HOPlJ2_RShIKGNkOXv3_kWyfporym8f96gkyGhLzYIB1DZN9Sq0SQqOlA48A2Qvpn9PWKw1QqQmzX_LxB69jX_sfcNxSJavYt6Ap5Hof7eWQq6351tlz8MjQZxHSEyrPMW4OqC7nawrXY443F681ZUpt1XeLQ2LrENWt2YHIMB5kOph_oVQ2HL1y-suUzKN-PH_ePMTRfW9e_gzx1dHr7k33ses6NfgiXql8_MfMHIALyqY5l7b0rSFSSH4r99oAt6q0JSFim0YquanhS5P2htr9D4OBoyHGW7JD2bwv_jQriN0T18jO05tEMv2FByNcgsroh-zeNxg4Q3uNvDJfcE70q31av_PfYaiefrszCOYTgQTCrAaPwpOnMvuAPxo8zJ5CUuFqrInUxV_rgWqlVbozSAnXfEMMYa5rUqqXjTopLjSMi8KbSaz6VPi1qutxrJBVP36vez7JhbTnb942zBMHk2bj1ESPds9_iJ9NbC_Qa6cNnCNSk7mcIs4phw9fB6qzAIvavAwWlwy_MBYWuPhamQaILkqI4sNb9WEdbuK_SHUAj41-CrIZgHEXznYHmQzBP3bopqd1R2ETZRQzwAps4yLRvA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1215 0
20 B 60ms
59ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBsEijXU5Y_GHHei4x_APstC7wAMAAAAAOAHgBAI&bg=!VValVhLNAAYQgTJdMIE7ACkAdvg8Wkd64nMEnYj5ZlFQtX3R88FhNFJI-P3sM_MshN4jQFaDo01nVQIAAAGbUgAAAAJoAQeZAv40-irhXTcWpgcL1HNO4z42fdaXIkw19zOXfPFvbIHLIFSPisKFiqzaibKJUtIXmb_nhG1pBK67FPi2ZWXrId9-n8RWjnNXZJA5bCaTY0VEYmL8JcjxikZCK6FOJHXeAIz2o9SYrcbd7Vn1P5mAaukltgNjn8-ZcnGw0mY9ZBi_rMkG0yhcPDzKRGyLJCII-OXovp0RnyXGqXt-HNXp6vRFuaBX5uNbjp_DDCWZBcmPRuH7TTIhLJfhdvhoxG2rKAwxNROb53pwn2eSxW2YlUksIwZxBWcTbbJLwxSkGdMrEOd7nqoYvJcWKR-XjPLTCB75thavrlkTLBYlTMTrhwYyzPNP4wW9O2AMgKyxSzjgiKXgZEwiPUG_ETCObliA_oVnRP6xBF6yO40JiTBjF1uhO0NdcagRY5U1iJEv43-Ywk72gpcSmwUubnl8y4utGce1OE7Jkkw34oMW3xl6sexJoXcq0WV7aTWchO6v5DEZHDI07UlQAS6KQZ_w9A6aw7sHRXSwntXW4_TO7gsNr6Hv3OOE90p-k0F1PLvV68wGYeMwrW4FPuOOXk9To7wstbJCJTAd2l1Y1oCSIlmP8VxH_P1pv2L-5v_ZJSfkX65V3yy3fnXaDl13XAeKQ2W60H4xHxml3fEvUGJRMsiYRUmXKv4j95RO-gU3B5LKHTfjm0HJajOgi_gkiolIenwUe5D2tek8KRc3EpgrgO-aUX4bzJZspBHFd_DsPDoYbKzYDxxza5ynUSNCdH4NIfMEJcrD_6wOtuKDWLa7puQxUlohHDF2NZu9LP9MrhEAN43-Pv5Gev9_2OEDe_93AJrHVixbjIwlzUqMI0tlMzCdVO759-i5Z05-f-I54QVrjNm6MrbGjI_Xx5eEMSfC1MK1moq4TEEIaxUe6VjhQd_9q68ukouLqxzCj_ulqH14DCEvTOPh3qUHo5I3e-WHGg0bO6Td7SqWurGEI8cCukG8Qp13VmEEudXX7THj6KT5DCELcbX4KRogsDlJqfaDnp5R

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 31ms
30ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 03 Oct 2022 11:27:11 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 532C 0
10 B 26ms
26ms Image
text/plain 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uPMHHA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DA35 15 KB
6 KB 58ms
25ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 11:27:10 GMT
server: Kestrel
server-processing-duration-in-ticks: 1021668
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 88 KB
29 KB 58ms
25ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 03 Oct 2022 11:27:11 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame DA35
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=imRsPnxJQU80VHVzMXNkbmtOZmlZL2NUUUJjaUxwcXA5ZFo1b3M1cG5oY2tBM2o2VUd2dE1lRHFrVk1XNU1uQ3FINWVYcjlOc0tVMVVTVU1nOUkvOFNrSUZiSFN6bGFVbW1PQmlXRXQ4bU0raWdrdWJKUkxOcmxwUERIOT...

465 B
664 B

161ms
20ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=imRsPnxJQU80VHVzMXNkbmtOZmlZL2NUUUJjaUxwcXA5ZFo1b3M1cG5oY2tBM2o2VUd2dE1lRHFrVk1XNU1uQ3FINWVYcjlOc0tVMVVTVU1nOUkvOFNrSUZiSFN6bGFVbW1PQmlXRXQ4bU0raWdrdWJKUkxOcmxwUERIOTU3TUoxbHYrcUdMbnpSVE9wMjdnVjJ1SllOV1V1R0YwOGdlV3FBc3pITWhrN2gxR3d2cWFDY3NJN1VCS25sc0d5MnBXT2tOUzNPc2RLeXpLcHhqWURPV1Vhb0UvdVNLc0pZbkNZUGtnV3B3TnJEK3hJdlVWaFo4NHBLeHBJRys3Q2lXUXF6MlVjejhNQUM5di9RSlJUbUFvZEl0VFZORURZQlliSnpRMS9xdnplVTZJaHk4OD18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1e9ef0b06a52bec8d05c14c0860ab6a2874c187b083aec6f356109619cbd23d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3234351
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=imRsPnxJQU80VHVzMXNkbmtOZmlZL2NUUUJjaUxwcXA5ZFo1b3M1cG5oY2tBM2o2VUd2dE1lRHFrVk1XNU1uQ3FINWVYcjlOc0tVMVVTVU1nOUkvOFNrSUZiSFN6bGFVbW1PQmlXRXQ4bU0raWdrdWJKUkxOcmxwUERIOTU3TUoxbHYrcUdMbnpSVE9wMjdnVjJ1SllOV1V1R0YwOGdlV3FBc3pITWhrN2gxR3d2cWFDY3NJN1VCS25sc0d5MnBXT2tOUzNPc2RLeXpLcHhqWURPV1Vhb0UvdVNLc0pZbkNZUGtnV3B3TnJEK3hJdlVWaFo4NHBLeHBJRys3Q2lXUXF6MlVjejhNQUM5di9RSlJUbUFvZEl0VFZORURZQlliSnpRMS9xdnplVTZJaHk4OD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 714785
content-length: 0
expires: 0

GET
H3 200 cta_arrow.png
s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/ Frame 6177 167 B
202 B 27ms
27ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/cta_arrow.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c68ab9bd07a8b529be4b91d29f7370da54270189b14d2e5cacf76c0ffdef7bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10569509255970124420/160x600-English/index.html?e=69&leftOffset=0&topOffset=0&c=w5nNTJTlSZ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 23:10:52 GMT
x-content-type-options: nosniff
age: 216979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 167
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 17:43:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 23:10:52 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=JkYysHwwVjR1Q2o3eS9jZnV6Ykh3U05uY2lEQk41NVpwZnFqVHNXczlFZ2VkMWhFMndsZXlxak5xL2ZtN213dHdZcGVSUzBPb2YwQ3d2R0tLL3F3V0dvTHV5c3N5cWJMSm1wWFpDRDUvUm4zYVNmNUZRdWR6WFlQOE4yN3...

429 B
698 B

17ms
16ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=JkYysHwwVjR1Q2o3eS9jZnV6Ykh3U05uY2lEQk41NVpwZnFqVHNXczlFZ2VkMWhFMndsZXlxak5xL2ZtN213dHdZcGVSUzBPb2YwQ3d2R0tLL3F3V0dvTHV5c3N5cWJMSm1wWFpDRDUvUm4zYVNmNUZRdWR6WFlQOE4yN3JsS3RjNkliTmxZczU1VHBOODlyZmxXV00zNm0xRFRpcVpGbFJsYmRhK2hUa1ExWmVwL0VNWDJuNklrNS9oYlUxaE5CK3A2ZVJ4Sm1aZUFCdnVCSE5Uck83YTg4MjRRc1FMZ3JKMWM0L2JCM0NsZUs1Y1VqQmtxNlM1emFKSll0L00ybm9jUGdPU0RKWTV6UVByc000M2NlZFFPRmRLQy93UnZzakM0MnRRd01SOGI2N0RBTT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

60422e72286ea6bb8fabf8f81ed49d0ec39ddbbac9f8deab2a2accddb961bace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1847312
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=JkYysHwwVjR1Q2o3eS9jZnV6Ykh3U05uY2lEQk41NVpwZnFqVHNXczlFZ2VkMWhFMndsZXlxak5xL2ZtN213dHdZcGVSUzBPb2YwQ3d2R0tLL3F3V0dvTHV5c3N5cWJMSm1wWFpDRDUvUm4zYVNmNUZRdWR6WFlQOE4yN3JsS3RjNkliTmxZczU1VHBOODlyZmxXV00zNm0xRFRpcVpGbFJsYmRhK2hUa1ExWmVwL0VNWDJuNklrNS9oYlUxaE5CK3A2ZVJ4Sm1aZUFCdnVCSE5Uck83YTg4MjRRc1FMZ3JKMWM0L2JCM0NsZUs1Y1VqQmtxNlM1emFKSll0L00ybm9jUGdPU0RKWTV6UVByc000M2NlZFFPRmRLQy93UnZzakM0MnRRd01SOGI2N0RBTT18&cppv=2
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 610947
content-length: 0
expires: 0

GET
H2 204 /
onetag-sys.com/usync/ Frame BD26 0
0 9ms
8ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1664710028275

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B09F 281 B
554 B 90ms
20ms Document
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 02 Oct 2022 11:27:12 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 97BD 3 KB
2 KB 112ms
18ms Document
text/html 184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Sun, 02 Oct 2022 11:27:12 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 89F4 52 KB
17 KB 63ms
10ms Document
text/html 23.35.228.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 02 Oct 2022 11:27:12 GMT
ETag: "623de86a-cf34"
Expires: Mon, 03 Oct 2022 11:27:14 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 43B5 37 B
139 B 9ms
8ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sun, 02 Oct 2022 11:27:12 GMT

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame DC09 0
35 B 29ms
20ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 02 Oct 2022 11:27:12 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F6A4 52 KB
17 KB 66ms
17ms Document
text/html 23.35.228.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 02 Oct 2022 11:27:12 GMT
ETag: "623de86a-cf34"
Expires: Mon, 03 Oct 2022 11:27:14 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2599 15 KB
6 KB 8ms
7ms Document
text/html 23.35.228.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=78148
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:12 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Mon, 03 Oct 2022 09:09:40 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
unused62: 8096267
vary: Accept-Encoding

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 03DE 6 KB
2 KB 48ms
47ms Document
text/html 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1664668800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ba2fa3bc64e7657479481c09e747bf1e331a3ebaa396865c8ad988db483fc87

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 753d16662a61910c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:12 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK prebid
b1h-euc1.zemanta.com/usersync/ 26 B
151 B 13ms
13ms Image
image/gif 213.227.153.221
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1h-euc1.zemanta.com/usersync/prebid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce14.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 11:27:11 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092701&jk=1831061958089898&bg=!ysmlyY3NAAYQgTJdMIE7ACkAdvg8WqvNdipq1oGFzEI9lw4eHfkcSs98zGf4EBwj9HXP5BZLNefjVAIAAACJUgAAAAJoAQeZAp7xmO8TZTFnQeYXBWHNTZX4xdqCZuFqLxCsflGTA_MsAqpkvulUeEpv9cXCbfcJkV6nGbCw5fW_krCNHrjDGI-Ml5lxEis_nIWuP1eTVz_k8gx24JoPYUrbd_64euH-UdTdXwUZG1QVqsGqPpbHPzdpAY02ck0qHpAN8gDaikuy0crGsNYYXyPt5soMzio8DPJVUSih8V5b9jdL1wP8PL-IWI8Tv79K94jPJJAgnKc7z4KCmmrjSEW50Zt2CRHClmn4tqsQgyilN6Tz3NuncKsgsZEv-eMsEZ3xCLRff-7r4vOajF3uHuardQApfcQM2PAqaGF5u8O-Km09aGy21e3wSQpXKWLfrtFInDtwYRRYzCbKrLIDx6cgn_jCy98LNSs67Q0UjgntXvfYLZPzRmDymMDliqCoVzXBADbMIjGUsKJU-UYhWg2izVbQiRQLvm-pD22hjofkriW7q_xNFtJk1uXhAOKvMeTw7JWFw3Zi__fagwOVWFObxyLLuwor4Xo-R-ma0hZ1CwcrJb7j9cqgLQUewG2TCRk5QxbMKIgTgiTQT8M6AUo47KHViLRV3gmSJ9jG2Tj4_MEE6ITn_ukxuvkxZkwwRByzeo2zkHxEzQMSkYeukNiJ9h3X7BrLnxs6dleGQq08WLJv2SaTtz7VjgRzo4C1Ak0HNySNl9zouzR0E87PcgP8kfDmX5l-Lr5DT6t9O-w8T4sZB164su9wKvIUWF_nIVfOasZKEKagSeC9GXUl5v04whuxZnlH5t_wQ4VLaKXOWNxxmUcOnKZqz9Neihu7gd-vdMZByluj819cG7HK2oDS4eN6tMANxJvkDKTU3Kfc2rFCWBe3m-2A3U3khSoRKgDdl0tLyA9_N9k7lZ6oU_SJUxDoZlVX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 42ms
14ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 02 Oct 2022 11:27:11 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 577262
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 46ms
17ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 02 Oct 2022 11:27:11 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 426003
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2599 2 KB
2 KB 20ms
18ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58439774&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 15cd973356f3b4ae1eb36d16341bffb2c4b4bc13666850762b91d9bed5db6e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B09F 31 KB
10 KB 20ms
19ms Script
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d71bfc0d1a5784aeda48917a7c7d2aa2c77d37ec0657b23a858a91d7280d881a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 11:27:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=11089
Connection: keep-alive
Content-Length: 9422
Expires: Sun, 02 Oct 2022 14:32:01 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 89F4 0
745 B 12ms
11ms Script
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:12 GMT
AN-X-Request-Uuid: e8b99f3b-0f21-485a-9ba0-68512a7bb108
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F6A4 0
745 B 7ms
7ms Script
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:12 GMT
AN-X-Request-Uuid: 5fff0d41-0f81-472a-8336-4635366f1a61
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame FD0A 1 KB
1 KB 40ms
38ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9786a54e9462227d63b9a4506bc36a2a17cf03771330acf29e86ba1d19bc9c3f

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 753d16674da2bba3-FRA
content-encoding: br
content-type: text/html
date: Sun, 02 Oct 2022 11:27:12 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDmD2mDYZeKyfXibjuK7VvmW9ZQdaUODcyD1LjlXent4uCtdoIEwDevM8FoDpFZou5Xs6YeIex56D6bWYMAw7v0PUjsN3KnwRe6WuntQ22NIpm2tjhdRcsqEUmVipB4kmW7HooCB2mLQ7g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 03DE 48 KB
12 KB 34ms
32ms Script
application/javascript 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 156443
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 753d16674c64910c-FRA
expires: Wed, 29 Sep 2032 11:27:12 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 07AC
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7149875131891710105

0
74 B

19ms
18ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7149875131891710105
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 11:27:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Sun, 02 Oct 2022 11:27:12 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7149875131891710105
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 503 b9pj45k4 Show response
sync-tm.everesttech.net/upi/pid/ Frame BA9E 0
83 B 19ms
7ms Document
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Sun, 02 Oct 2022 11:27:12 GMT
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4026-HHN
x-timer: S1664710033.545926,VS0,VE0

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 2E66
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFJc0JrN0djdXNBQUI5cE9YNnNsZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAK1IE7GcusAAB4UALaRQQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...

43 B
163 B

58ms
17ms

Document
image/gif

185.86.139.106
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAK1IE7GcusAAB4UALaRQQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/gif
date: Sun, 02 Oct 2022 11:27:12 GMT
transfer-encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sun, 02 Oct 2022 11:27:12 GMT
Server: gunicorn
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAK1IE7GcusAAB4UALaRQQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 2599
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&addseg=19,36,42

0
0

96ms
13ms

Image
application/json

185.64.189.229
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Server: 185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 02 Oct 2022 11:27:12 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 2599
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

32ms
31ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: HTTP/1.1
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
frontend-id: 5
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
frontend-id: 6
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 2599 95 B
382 B 63ms
28ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:12 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 753d16679e9bbbfb-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200

p
a.audrte.com/ Frame 2599
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6
https://a.audrte.com/p

68 B
424 B

102ms
101ms

Image
image/png

54.175.220.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: HTTP/1.1
Server: 54.175.220.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-220-103.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 11:27:13 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sun, 02 Oct 2022 11:27:12 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2599
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=7f7495f7-28fe-461f-8799-6a5d3797d4e7&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=893557d6-b9d6-4d6f-a623-814a7dbefb72&expires=1&user_group=5&ssp=pubmatic&bsw_param=7f7495f7-28fe-461f-8799-6a5d3797d4e7
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7f7495f7-28fe-461f-8799-6a5d3797d4e7&gdpr=&gdpr_consent=&gdpr_pd=

0
74 B

20ms
18ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7f7495f7-28fe-461f-8799-6a5d3797d4e7&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 11:27:12 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7f7495f7-28fe-461f-8799-6a5d3797d4e7&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sun, 02 Oct 2022 11:27:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 2599 0
103 B 168ms
14ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 ABA4E9BE-9366-46AF-8704-5C27B54DA2E6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2599 43 B
602 B 44ms
40ms Image
image/gif 2a05:d018:d29:3605:81f0:8432:14d1:181d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/ABA4E9BE-9366-46AF-8704-5C27B54DA2E6?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:81f0:8432:14d1:181d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 2599
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ABA4E9BE-9366-46AF-8704-5C27B54DA2E6&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-aExPBbRE2uXMzkKsfXtaHetFxBdTgKY-~A&gdpr=0&gdpr_consent=

0
47 B

13ms
12ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-aExPBbRE2uXMzkKsfXtaHetFxBdTgKY-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:12 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-aExPBbRE2uXMzkKsfXtaHetFxBdTgKY-~A&gdpr=0&gdpr_consent=
date: Sun, 02 Oct 2022 11:27:12 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2599
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b07c91c4-cec4-46f1-bf30-0505b25c986b-6339758e-5858&gdpr=0&gdpr_consent=

0
74 B

13ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b07c91c4-cec4-46f1-bf30-0505b25c986b-6339758e-5858&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 11:27:10 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=b07c91c4-cec4-46f1-bf30-0505b25c986b-6339758e-5858&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2599
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3799589737759135567&gdpr=0&gdpr_consent=&us_privacy=

0
74 B

18ms
18ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3799589737759135567&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 11:27:12 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3799589737759135567&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 2599
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ed7c7830-a26f-4511-87fb-fa86ada9ead6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

0
74 B

18ms
18ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ed7c7830-a26f-4511-87fb-fa86ada9ead6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 02 Oct 2022 11:27:12 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:ed7c7830-a26f-4511-87fb-fa86ada9ead6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Sun, 02 Oct 2022 11:27:12 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame FD0A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzl1jET6kH7tABQbQ_Cl4QAABJoAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzl1jET6kH7tABQbQ_Cl4QAABJoAAAIB&dcc=t

43 B
855 B

106ms
105ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzl1jET6kH7tABQbQ_Cl4QAABJoAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:13 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T8K99HZCD27T233RB8D3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Z78MDPGCT8J24ER1NY1N
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yzl1jET6kH7tABQbQ_Cl4QAABJoAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame FD0A 70 B
264 B 32ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame FD0A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yzl1jET6kH7tABQbQ_Cl4QAABJoAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHOowOi1ef0QI5teBzLTMCs&google_cver=1

43 B
841 B

44ms
43ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHOowOi1ef0QI5teBzLTMCs&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIeR1yHORvliNi%2FKitUqufJw4bQKkjIfuOAdBdn5m19kksb21yFKUtdMiQCJ%2FwzJ6pCTTe2m3Fuxbsl0LIcH%2F6LtJ0jOdyl6BNnX0Z2TNrO4CJIDXW0vxvAgCSPYIZYAW7f0sGpxlcaIPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 753d1667cefcbba3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHOowOi1ef0QI5teBzLTMCs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame FD0A
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7541192142968515385

43 B
840 B

46ms
44ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7541192142968515385
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcVfA9iMEFPBdG2x34nD4u8U%2Fj1CL8udX3WqWlvHIxrcH3QyqAoDw0vAqXcK2IGSevs%2BsulHHMB9Jc38v5VgFK6nUC8u0OkuucvDr8xs3qXFYZsSZui782Y1rQJ6DDlZDcqEKPCaaWPJUg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 753d16682e8cbbdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:12 GMT
AN-X-Request-Uuid: c1559599-5051-490e-b920-0960691b0bd1
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7541192142968515385
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame FD0A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6653584868059426744&expiration=1665919632

43 B
839 B

69ms
68ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6653584868059426744&expiration=1665919632
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLPlSGadKKeukV9ePKeDfOhfgf086ykqoes%2Fy5FfGiyEA81Ub4yNUQH3MPFP7PaG%2BDpz7b1zg4SgtvIHLoIRF9Sv5nE3siL2xd30XL0GGted15Ozye3EL1pxupowTwx4ksKK6eGiX76N6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 753d1667cd95bbdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6653584868059426744&expiration=1665919632
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FD0A
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3799589737759135567

43 B
844 B

53ms
52ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3799589737759135567
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zB%2BwY3x%2B%2BvRa%2FjzRlzbR5jIXsOtq85dUVN3bzcVa5fbeYuZttUggMPHUlyePd17SIHGnVOxuFX8dV42%2B1NPYLAmqwSIw0J3d10JqCM464DfIeVQJCTJbz98BFp7iViTy5Ec8DVC6L6J1Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 753d1667cd80bbdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3799589737759135567
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame FD0A
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAK1IE7GcusAAB4UALaRQQ&expiration=1665919632

43 B
845 B

61ms
61ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAK1IE7GcusAAB4UALaRQQ&expiration=1665919632
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMac7pGUwpqkjFgn6828j3TPvwgsm037FBHDnpbvMLAUPWw4Q3PD%2FnQm%2BlZ2Ru6krzlIiFwP9oyqHyPxRBZH%2BFvHwdkWNyn0369fuaozZAe3PUJ0mbiTLLsg6gh%2F%2BBKzGCRYYFAlWb14cg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 753d1668a825bbdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAK1IE7GcusAAB4UALaRQQ&expiration=1665919632
Date: Sun, 02 Oct 2022 11:27:12 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame FD0A 42 B
181 B 133ms
32ms Image
image/gif 34.240.197.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.197.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-197-120.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:12 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.20.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame FD0A 43 B
352 B 92ms
21ms Image
image/gif 2606:4700::6812:d4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Yzl1jET6kH7tABQbQ-Cl4QAA%261178
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:12 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 248
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 753d16681daa9957-FRA
content-length: 43
expires: Sun, 02 Oct 2022 15:27:12 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 6257 0
605 B 45ms
39ms Document
text/html 104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 753d1667cd49910c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:12 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 088E 0
0 27ms
8ms Document
text/plain 18.198.13.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.13.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-13-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Sun, 02 Oct 2022 11:27:12 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame B09F 70 B
264 B 38ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B09F
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2NjNWI2MTExODNiZDQ1YmY5OTk1ZWE2MWU3MDE5Zjg1ZGRiMTNlZg

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2NjNWI2MTExODNiZDQ1YmY5OTk1ZWE2MWU3MDE5Zjg1ZGRiMTNlZg

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2NjNWI2MTExODNiZDQ1YmY5OTk1ZWE2MWU3MDE5Zjg1ZGRiMTNlZg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B09F
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhSOURBSUQtMU4tR0RIUA==

170 B
188 B

21ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhSOURBSUQtMU4tR0RIUA==

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhSOURBSUQtMU4tR0RIUA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame B09F
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/kUgNp0GwC0r6XojBzvQHk8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4708496660135880586

0
239 B

9ms
9ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4708496660135880586
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 02 Oct 2022 11:27:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4708496660135880586
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame B09F
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8R9DAID-1N-GDHP

0
704 B

207ms
185ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8R9DAID-1N-GDHP
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 11:27:12 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: AFAC0B9C2F104043B0DA1AA1B9B5D341 Ref B: FRAEDGE1309 Ref C: 2022-10-02T11:27:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXqC4Io+gsS41e1kMDCeA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8R9DAID-1N-GDHP
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame B09F
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=5xhqUaOyRPGUwrES2Fn5hQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5xhqUaOyRPGUwrES2Fn5hQ

43 B
720 B

107ms
106ms

Image
image/gif

52.95.115.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5xhqUaOyRPGUwrES2Fn5hQ

Protocol

HTTP/1.1

Server

52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:13 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H30WSYNHFE2FH6GMDE90
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=5xhqUaOyRPGUwrES2Fn5hQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame B09F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECHpEt1BRtNU9_lH5079Xhg&google_cver=1

0
239 B

11ms
9ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECHpEt1BRtNU9_lH5079Xhg&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 11:27:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECHpEt1BRtNU9_lH5079Xhg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame B09F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=35Ny0QHjSKWtUEnTA7fw3g&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=35Ny0QHjSKWtUEnTA7fw3g

43 B
479 B

103ms
102ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=35Ny0QHjSKWtUEnTA7fw3g

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:13 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GZF11PWAP4VTD3F02DKT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=35Ny0QHjSKWtUEnTA7fw3g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame 9D9B
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8b0dd08cb2e7c58df73197de7d9c1554

43 B
1 KB

16ms
16ms

Document
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8b0dd08cb2e7c58df73197de7d9c1554

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid: f675ee64-a57b-435d-a833-e04de4c0e310
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 02 Oct 2022 11:27:12 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 753d16682e05910c-FRA
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:12 GMT
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=8b0dd08cb2e7c58df73197de7d9c1554
server: cloudflare

GET
H3 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 554A 1 KB
834 B 55ms
40ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 753d16688df1694b-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:12 GMT
server: cloudflare

GET
H/1.1

200
OK

getuid Show response
sync.smartadserver.com/ Frame 6596
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

0
75 B

17ms
17ms

Document
text/plain

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sun, 02 Oct 2022 11:27:12 GMT

Redirect headers

cache-control: no-cache,no-store
content-length: 0
date: Sun, 02 Oct 2022 11:27:11 GMT
location: https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

GET
H3 204 1
sync-eu.connectad.io/syncer/ Frame 8090 0
0 35ms
35ms Document
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 753d1668eebb694b-FRA
date: Sun, 02 Oct 2022 11:27:12 GMT
server: cloudflare
via: 1.1 google

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame F904 0
0 13ms
12ms Document
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 66ef90d06496cfd000aab8206f2b6221

GET
H2

200

2934a194-4245-11ed-87cf-13ae17dc0306 Show response
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 75B0
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=2934a1f7-4245-11ed-87cf-13ae17dc0306
https://csync.smilewanted.com/set_partner_userid_get/spotx/2934a194-4245-11ed-87cf-13ae17dc0306

0
648 B

37ms
37ms

Document
text/html

104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/spotx/2934a194-4245-11ed-87cf-13ae17dc0306
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 753d166a6a1d910c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:13 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Sun, 02 Oct 2022 11:27:13 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/spotx/2934a194-4245-11ed-87cf-13ae17dc0306
Server: nginx
X-fe: 140

GET
H2

200

/ Show response
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 169F
Redirect Chain

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

0
80 B

61ms
61ms

Document
text/html

104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 753d166e48f9910c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:13 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 92
Content-Type: text/html; charset=utf-8
Date: Sun, 02 Oct 2022 11:27:13 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma: no-cache

GET
H2 204 /
csync.loopme.me/ Frame 0C06 0
0 110ms
74ms Document
text/plain 2606:4700::6813:ad6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:ad6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 753d166a285f5c2c-FRA
date: Sun, 02 Oct 2022 11:27:13 GMT
server: cloudflare

GET
H2

200

y-zzV9z2NE2uHwOQX1fZSHsTqib_8Z6YtDNlmu9Pc-~A&gdpr=0&gdpr_consent= Show response
csync.smilewanted.com/set_partner_userid_get/yahoo/ Frame 232E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-zzV9z2NE2uHwOQX1fZSHsTqib_8Z6YtDNlmu9Pc-~A&gdpr=0&gdpr_consent=

0
880 B

42ms
42ms

Document
text/html

104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-zzV9z2NE2uHwOQX1fZSHsTqib_8Z6YtDNlmu9Pc-~A&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 753d166a59f8910c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:13 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

age: 0
content-length: 0
date: Sun, 02 Oct 2022 11:27:13 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-zzV9z2NE2uHwOQX1fZSHsTqib_8Z6YtDNlmu9Pc-~A&gdpr=0&gdpr_consent=
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H2

200

078dafc4-ba39-4269-b7ea-71a73eb849ef Show response
csync.smilewanted.com/set_partner_userid_get/openx/ Frame A9BB
Redirect Chain

https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
https://csync.smilewanted.com/set_partner_userid_get/openx/078dafc4-ba39-4269-b7ea-71a73eb849ef

0
695 B

35ms
35ms

Document
text/html

104.18.24.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/openx/078dafc4-ba39-4269-b7ea-71a73eb849ef
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.121 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 753d166d3f35910c-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 11:27:13 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 0
content-type: text/html
date: Sun, 02 Oct 2022 11:27:13 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/openx/078dafc4-ba39-4269-b7ea-71a73eb849ef
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 89F4 0
745 B 8ms
7ms Script
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:13 GMT
AN-X-Request-Uuid: 90bcd1bd-ea25-40e1-b716-722e5684fc6d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F6A4 0
745 B 17ms
16ms Script
text/html 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 11:27:13 GMT
AN-X-Request-Uuid: 03148576-eb04-466b-a733-624356ee02ca
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 m1pxfe7f07bf-18f0-4375-9c94-23dd3a5c13e7.png
s0.2mdn.net/4528404/ Frame 16B3 157 B
188 B 25ms
25ms Image
image/png 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/m1pxfe7f07bf-18f0-4375-9c94-23dd3a5c13e7.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c32d94582973c620eee44273526d176fdbca5b8b36505c6142ed3c90c71882b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12809638294083468348/index.html?e=69&leftOffset=0&topOffset=0&c=6n9Ph8lTo9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 13:05:19 GMT
x-content-type-options: nosniff
age: 80514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 13:08:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Oct 2022 13:05:19 GMT

GET
H2 200 dc_oe=ChMIsYLYj7jB-gIVaNwRCB0y6A44EAAYACC6vfdKQhMIr8mrj7jB-gIVlB0YCh1Q_Qtp;stragg=1;&timestamp=1664710033757;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 8D40 42 B
254 B 65ms
48ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsYLYj7jB-gIVaNwRCB0y6A44EAAYACC6vfdKQhMIr8mrj7jB-gIVlB0YCh1Q_Qtp;stragg=1;&timestamp=1664710033757;str=Show%20Slide%200;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS