www.walla.co.il Open in urlscan Pro
52.222.236.78 Public Scan

URL: https://mail.walla.co.il/

URL: https://happy10.walla.co.il/start?utm_source=Walla&utm_medium=logo&utm_campaign=happy_Thursday

URL: https://happy10.walla.co.il/start?utm_source=Walla&utm_medium=button&utm_campaign=happy_Thursday
Title: חמישי שמחהטבות ב-10 ש״ח

URL: https://news.walla.co.il/
Title: חדשות

URL: https://sports.walla.co.il/
Title: ספורט

URL: https://finance.walla.co.il/
Title: כסף

URL: https://e.walla.co.il/
Title: תרבות

URL: https://celebs.walla.co.il/
Title: סלבס

URL: https://food.walla.co.il/
Title: אוכל

URL: https://fashion.walla.co.il/
Title: אופנה

URL: https://healthy.walla.co.il/
Title: בריאות

URL: https://travel.walla.co.il/
Title: תיירות

URL: https://mekomi.walla.co.il/
Title: מקומי

URL: https://tech.walla.co.il/
Title: טכנולוגיה

URL: https://gaming.walla.co.il/
Title: גיימינג

URL: https://cars.walla.co.il/
Title: רכב

URL: https://www.wallashops.co.il/?utm_source=wallahp1&utm_medium=walla&utm_campaign=hpnemalakniut_1
Title: קניות

URL: https://www.sheee.co.il/
Title: Sheee

URL: https://www.drushim.co.il/
Title: דרושים

URL: https://www.yad2.co.il/?utm_source=walla&utm_medium=logo

URL: https://www.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=kniyot
Title: קניות

URL: https://bit.ly/3tk0q7d
Title: קניות!באילת

URL: https://www.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=wallashops
Title: וואלה!שופס

URL: https://bit.ly/3cy45s1
Title: וואלה!פרינט

URL: https://b.walla.co.il/
Title: ברנז'ה

URL: https://judaism.walla.co.il/
Title: יהדות

URL: https://law.walla.co.il/
Title: משפטי

URL: https://yarokkl.walla.co.il/
Title: שומרים על כדור הארץ

URL: https://healthy.walla.co.il/category/13034
Title: הורים טריים

URL: https://tmirecycle.walla.co.il/
Title: קיץ של מחזור

URL: https://paisculture.walla.co.il/
Title: פיס בתרבות

URL: https://career.walla.co.il/
Title: חיפוש עבודה

URL: https://yoram.walla.co.il/
Title: לימודים

URL: https://horoscope.walla.co.il/
Title: הורוסקופ

URL: https://mazaltov.walla.co.il/
Title: וואלה! מזל טוב

URL: https://viva.walla.co.il/
Title: ויוה

URL: https://vod.walla.co.il/hot
Title: HOT VOD

URL: https://marketing.walla.co.il/
Title: שיווק ודיגיטל

URL: https://home.walla.co.il/
Title: בית

URL: https://horoscope.walla.co.il/zodiacs
Title: הורוסקופ

URL: https://nadlan.walla.co.il/
Title: נדל"ן

URL: https://tld.walla.co.il/
Title: טוב לדעת

URL: https://beauty.walla.co.il/
Title: ביוטי

URL: https://fun.walla.co.il/
Title: משחקים

URL: https://healthy.walla.co.il/category/594
Title: הורות וילדים

URL: https://calendar.walla.co.il/
Title: לוח שנה

URL: https://tv-guide.walla.co.il/
Title: לוח שידורים

URL: https://walla.co.il/shabbat-times
Title: כניסת שבת

URL: https://www.b144.co.il/?sitecode=10&subsitecode=1406&site=walla&utm_source=walla&utm_medium=header
Title: B144

URL: https://mazaltov.walla.co.il/weddingdresses/
Title: שמלות כלה

URL: https://perfectmatch.walla.co.il/
Title: חיבורים מושלמים

URL: https://mumlazim.walla.co.il/
Title: מומלצים

URL: https://b144.walla.co.il/
Title: עסקים קטנים

URL: https://starkist.walla.co.il/
Title: כל מה שטוב בטונה

URL: https://www.democratv.org/
Title: דמוקרטTV

URL: https://thetop.walla.co.il/
Title: הטופ

URL: https://dogsandcats.walla.co.il/
Title: כלבים וחתולים

URL: https://galil.walla.co.il/
Title: גליל, תשאלו כל דחליל

URL: https://www.wallashops.co.il/%D7%93%D7%99%D7%9C-%D7%99%D7%95%D7%9E%D7%99?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=dilyomi
Title: דיל יומי

URL: https://www.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=mivtzeim
Title: מבצעים

URL: https://www.wallatours.co.il/zimmer/
Title: צימרים

URL: https://www.wallaprint.co.il/?utm_source=WALLA&utm_medium=HP&utm_campaign=PRINTtext
Title: אלבומים

URL: https://vod.walla.co.il/movies
Title: סרטים

URL: https://vod.walla.co.il/tvshows
Title: סדרות

URL: https://www.facebook.com/wallanews

URL: https://twitter.com/WallaNews

URL: https://www.instagram.com/wallanews/

URL: https://www.tiktok.com/@walla.news

URL: https://help.walla.co.il/
Title: עזרה

URL: https://help.walla.co.il/section/12344
Title: כתבו לנו

URL: https://dcx.walla.co.il/walla/terms/terms.pdf
Title: תנאי שימוש

URL: https://dcx.walla.co.il/walla_news_files/a516a87cfcaef229b342c437fe2b95f7.pdf
Title: מדיניות פרטיות

URL: https://apps.walla.co.il/
Title: אפליקציות

URL: https://news.walla.co.il/breaking
Title: מבזקי חדשות

URL: https://news.walla.co.il/break/3519736
Title: 14:24הבית הלבן: הנשיא ג'ו ביידן חלה בנגיף הקורונה

URL: https://news.walla.co.il/break/3519727
Title: 13:46הח"כים הנדל והאוזר נפגשו עם איילת שקד בנסיון להסכים על ריצה משותפת

URL: https://news.walla.co.il/break/3519720
Title: 13:12סרי לנקה: מחוקק בכיר מונה לראש הממשלה החדש של המדינה

URL: https://news.walla.co.il/break/3519709
Title: 12:01בור נפער בקרקעית בריכה פרטית בבית בשפלה - סריקות לאיתור נעדר

URL: https://news.walla.co.il/break/3519740
Title: 14:51בית המשפט העליון בולם פנוי בית משפחה בסילוואן שבמזרח ירושלים

URL: https://bit.ly/3fiH39w

URL: https://news.walla.co.il/item/3519702

URL: https://travel.walla.co.il/category/5735
Title: מגזין סופ"ש

URL: https://e.walla.co.il/item/3518733
Title: האפור אפור מאודהסרט היקר בתולדות נטפליקס הוא בזבוז של זמן וכסף | אבנר שביט

URL: https://nadlan.walla.co.il/item/3519252
Title: בית המוותרעידת אדמה? משחק ילדים לעומת האסון הבא

URL: https://travel.walla.co.il/item/3516481
Title: קדימה לגלילהכפר שלא שמעתם עליו או הייתם בו

URL: https://sports.walla.co.il/item/3519110
Title: איל ברקוביץ' מעיד"גיא יצחק היה אמור להיות אחד הגדולים"

URL: https://finance.walla.co.il/item/3519705
Title: הליגה האנושיתהחברה שמחברת בין משפיענים וחברות

URL: https://news.walla.co.il/item/3519735
Title: "סימפטומים קלים"הבית הלבן: הנשיא ביידן חלה בקורונה

URL: https://healthy.walla.co.il/item/3519476
Title: זה לא רק אתםנדבקתם כמה פעמים בקורונה? זה מה שעלול לקרות לכם

URL: https://e.walla.co.il/item/3519305
Title: ריאיון נוקב"40 דקות מהבית שלנו כולאים ילדים פלסטינים"

URL: https://travel.walla.co.il/item/3519448
Title: הכינו את הסטורי: מוזיאוני האינסטגרם מגיעים לישראלבשיתוף Candy Hotel

URL: https://celebs.walla.co.il/item/3519712
Title: רגע לפני הכניסהמתמודד "האח הגדול" נמצא חיובי לקורונה

URL: https://mekomi.walla.co.il/item/3519603
Title: סיפור מרגשרק רצתה לשחק בגן: הסטודנטים ששינו את חייה של הודיה

URL: https://fashion.walla.co.il/item/3519233
Title: טוויסט ורסטיליבסימן רבגוניות: 8 פריטים שאהבנו במיוחד השבוע

URL: https://travel.walla.co.il/item/3516283
Title: הרים, חופים ואוזו: 6 סיבות לבקר באי לסבוסבשיתוף לשכת התיירות של יוון

URL: https://e.walla.co.il/item/3519344
Title: בצפון קוריאה לא היו עושים פרופגנדה בוטה יותר מהסרט על שמעון פרסעמית סלונים

URL: https://finance.walla.co.il/item/3519198
Title: מדד הלאפה: למה המחירים בישראל רק עולים?ליאת רון

URL: https://now.walla.co.il/item/3519081
Title: רועי סנדלר יעשה את אנה זק גאהלירז עוזרי

URL: https://tld.walla.co.il/item/3516305?lm_supplier=16893&lm_bc=9701
Title: האנשים שהצליחו להיפטר מכאבים כרוניים חושפים את הפתרוןמוגש מטעם בי קיור לייזר

URL: https://www.outbrain.com/what-is/default/he

URL: https://ad.doubleclick.net/ddm/trackclk/N798102.1984505OUTBRAIN/B28132050.340540918;dc_trk_aid=532305642;dc_trk_cid=174155780;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?obOrigUrl=true
Title: הקרוסאובר האולטימטיבי החל מ-1,194 ש״ח לחודש לפרטים נוספים NISSAN | ממומן

URL: https://news.walla.co.il/item/3519697
Title: רוסיה ביקשה להפסיק את פעילותה של הסוכנות היהודית במדינה

URL: https://news.walla.co.il/item/3519725
Title: חשד: אישה הרעילה את בעלה הרופא בחומר מסוכן

URL: https://news.walla.co.il/item/3519684
Title: משפחות הרוגי אסון מירון זועמות על התנערות נתניהו מאחריות

URL: https://news.walla.co.il/item/3519681
Title: המודיעין האמריקני חושף את האמת על מצבו של פוטין

URL: https://news.walla.co.il/item/3519673
Title: בריטניה: אלה הם שני המועמדים הסופיים לראשות הממשלה

URL: https://news.walla.co.il/item/3519655
Title: גרינלנד: כמות הקרח שנמס ביומיים יכולה למלא 7.2 מיליון בריכות אולימפיות

URL: https://www.wallashops.co.il/home?cfm=CDEA13186F40&utm_source=walla.co.il&utm_medium=exposebox
Title: קניות

URL: https://news.walla.co.il/category/5108
Title: אסור לפספס

URL: https://horoscope.walla.co.il/item/3518689
Title: המכשפה העיוורת צדקה כבר בחצי מהנבואות ל-2022

URL: https://e.walla.co.il/item/3519423
Title: כוכבי "משמר המפרץ" התאחדו והם בלתי ניתנים לזיהוי

URL: https://finance.walla.co.il/item/3509508
Title: בואו להנות: מגוון הטבות שוות מחכות לכם בפניםבשיתוף Poalim Wonder

URL: https://sports.walla.co.il/item/3519675
Title: "כנראה בגלל משחק אירוטי": תעלומת מותו של הכוכב

URL: https://sports.walla.co.il/item/3519592
Title: מכוון או לא? חזיזה "מועמד לשער השנה בעולם", ורק ביוון עוקצים

URL: https://sports.walla.co.il/item/3519726
Title: חי: בדרך לעוד הישג ענק? נבחרת העתודה בקרב על חצי הגמר

URL: https://sports.walla.co.il/item/3519732
Title: רימוני עשן ושירים באיסטנבול: צפו בחגיגה של אוהדי נתניה

URL: https://sport1.maariv.co.il/square/article/916646/
Title: הכוכב שוב תועד עם אישה: "הספורטאי הבוגדני אי פעם"

URL: https://sports.walla.co.il/item/3519558
Title: בכיין ופלופר? לברון ג'יימס מצהיר: "שם עליכם ז--"

URL: https://sports.walla.co.il/item/3519450
Title: גוף מושלם? מסתבר שרונאלדו מנותח מכף רגל ועד ראש

URL: https://tld.walla.co.il/item/3375383
Title: בשל ביקוש גובר: בי-קיור לייזר במבצע מיוחד (תוכן מקודם)מוגש מטעם בי קיור לייזר

URL: https://tld.walla.co.il/item/3516305
Title: אנשים שנפתרו מכאבים כרוניים חושפים את הפתרון (תוכן מקודם)מוגש מטעם בי קיור לייזר

URL: https://tld.walla.co.il/item/3518092?lm_supplier=16893&lm_bc=9857
Title: "זה מה שהציל לי את חיי המין והזוגיות" (תוכן מקודם)מוגש מטעם גברא

URL: https://tld.walla.co.il/item/3512046?lm_supplier=16893&lm_bc=9857
Title: בי-קיור לייזר מציגה: מהפכת טיפולי הפנים בבית (תוכן מקודם)מוגש מטעם בי קיור לייזר

URL: https://e.walla.co.il/item/3519552
Title: ואז הגיע משפט אחד שבזכותו משה הצליח לקנות את לבי באמת

URL: https://e.walla.co.il/item/3519477
Title: מה עוד יש לומר? שוב הסדרה הזו מוכיחה שהיא יצירת מופת

URL: https://e.walla.co.il/item/3519669
Title: פרל ג'אם ביטלו מופע ענק - והסיבה לכך תדהים אתכם לגמרי

URL: https://paisculture.walla.co.il/item/3517980
Title: מהריאליטי ועד לצה"ל: עד כמה באמת מכירים המעריצים את רביב כנר?בשיתוף מפעל הפיס

URL: https://law.walla.co.il/item/3503197
Title: בדרך לרילוקיישן: כך תוציאו ויזת עסקים לארה"בבשיתוף zap משפטי

URL: https://law.walla.co.il/item/3518053
Title: משכנתא לפושטי רגל לשעבר: 5 צעדים בדרך לאישור המיוחלבשיתוף zap משפטי

URL: https://law.walla.co.il/item/3518056
Title: האם המשטרה ערכה בדיקת אלכוהול לאדם הלא נכון?בשיתוף zap משפטי

URL: https://tech.walla.co.il/item/3517728
Title: יחד עבור המחר: סמסונג מתחייבת לייצר מסכים בגישה ירוקהבשיתוף סמסונג

URL: https://magazine.shufersal.co.il/%D7%94%D7%9E%D7%92%D7%96%D7%99%D7%9F-%D7%A7%D7%95%D7%9C%D7%99%D7%A0%D7%A8%D7%99/%D7%94%D7%A8%D7%A9%D7%99%D7%9E%D7%95%D7%AA-%D7%A9%D7%9C-%D7%90%D7%9E%D7%90/%D7%A0%D7%92%D7%99%D7%A1%D7%99-%D7%A4%D7%A8%D7%A0%D7%A5-%D7%98%D7%95%D7%A1%D7%98-%D7%A2%D7%9D-%D7%97%D7%9E%D7%90%D7%AA-%D7%91%D7%95%D7%98%D7%A0%D7%99%D7%9D-%D7%95%D7%A7%D7%99%D7%A0%D7%9E%D7%95%D7%9F/?utm_source=walla&utm_medium=referral&utm_campaign=food_walla_magazin_shufersal&utm_term=general&utm_content=food_shufersal_walla_magazin_shufersal_text_mehadshim_french_toast_20-7-2022
Title: הלהיט מהטיקטוק: קוביות פרנץ' טוסט חלומיותבשיתוף שופרסל

URL: https://beauty.walla.co.il/item/3514155
Title: אתן כבר מכירות את הסוד לאיפור מושלם? מעכשיו הוא גם מגן לכן על העורבשיתוף SMASHBOX

URL: https://friends-hist.walla.co.il/item/3512377
Title: אבי סינגולדה: "נולדתי וגדלתי בפריפריה ואני חלק ממנה עד היום"בשיתוף FRIENDS

URL: https://om.elvenar.com/ox/de?ref=out_de_dach_001&external_param=$section_name$&pid=$publisher_name$&bid=00fc7a2367bc2fe7f89d2a362adfe9ebb3&ob_cvr_pixel_domain=elvenar.com&obOrigUrl=true
Title: Wenn du Zeit am Computer totschlagen musst, ist dieses Vintage Spiel ein Muss. Kein Install. Elvenar | ממומן

URL: https://tld.walla.co.il/item/3469896?lm_supplier=17030&lm_bc=24846&obOrigUrl=true
Title: הפתרון לכאב הברכיים קרוב מתמיד וואלה

URL: https://sports.walla.co.il/item/3519453?obOrigUrl=true
Title: מכבי תל אביב פועלת לצמצום כמות משחקי היורוליג ביום שישי וואלה

URL: https://www.inpixio.com/static/lp/photostudio/DE/?tracking=INPIXIO_GERMANO_PP_OB_PSTUDIO12_CPA&campaignid=Outbrain_IPX&filter=INPIXIO_GERMANO_PP_OB_PSTUDIO12_CPA&keyword=SeagirlV2&clickid=$ob_click_id$&obOrigUrl=true
Title: Neu: inPixio Photo Studio 12 - Unterhaltsame Bilder mit Fotomontage KI erstellen. InPixio | ממומן

URL: https://experis.co.il/kickstart/?utm_source=walla&utm_medium=circle&utm_content=hitech_career_change
Title: הסבה להייטק

URL: https://www.manpower.co.il/?utm_source=walla&utm_medium=circle&utm_content=job_search
Title: עבודה בהייטק

URL: https://jobs.experis.co.il/?utm_source=walla&utm_medium=circle&utm_content=hitech_job
Title: חיפוש עבודה

URL: https://finance.walla.co.il/item/3519642
Title: מקס פיין: המנכ"ל רון פאינרו על הדרך שהובילה אותו ל-Max

URL: https://finance.walla.co.il/item/3519602
Title: פוסט-קורונה כלכלית: הנגיף שעולה לנו 20,000 שקלים בשנה

URL: https://finance.walla.co.il/item/3519474
Title: לבייב נגד לבייב: מילארדרים מול 'נוכל הטינדר'. מה הסיכויים?

URL: https://nadlan.walla.co.il/item/3519023
Title: עינוי בינוי: למה כל כך קשה לבצע פרויקטים בישראל?

URL: https://mekomi.walla.co.il/item/3518707
Title: בלי להתבלבל: כך סימון קטן אחד צפוי לחולל שינוי גדולבשיתוף תאגיד המיחזור תמיר

URL: https://celebs.walla.co.il/item/3519659
Title: הפוליטיקאית הבכירה שהתגרשה מבעלה הבוגדני

URL: https://celebs.walla.co.il/item/3519621
Title: גיא ומתן: "אנחנו חברים טובים, אבל הפרידה הייתה קשה"

URL: https://celebs.walla.co.il/item/3519674
Title: אליאב מחכה לבר? כי לנו נראה שהוא דווקא מסתדר

URL: https://now.walla.co.il/
Title: NOW

URL: https://now.walla.co.il/item/3518345
Title: שחר טבוך גונב מאדיסון ריי

URL: https://www.manpower.co.il/?utm_source=walla&utm_medium=content&utm_campaign=jobs_search_new

URL: https://healthy.walla.co.il/item/3518988
Title: האם המשקה הזה יכול להיות תחליף בריא לקפה של הבוקר?

URL: https://healthy.walla.co.il/item/3512652
Title: צפו: אילו טיפולים חדשניים קיימים לסרטן שד גרורתי?בשיתוף אסטרהזניקה

URL: https://healthy.walla.co.il/item/3096852
Title: גמורים? 7 שינויים קטנים בתזונה שיעזרו לכם להילחם בעייפות

URL: https://healthy.walla.co.il/item/3505028
Title: כך תוכלו לבחור שמן זית איכותיבשיתוף יד מרדכי

URL: https://healthy.walla.co.il/item/3517576
Title: לא נח לרגע: כך תתמודדו עם תינוק בעל טמפרמנט פעיל

URL: https://healthy.walla.co.il/item/3519014
Title: הילד שלכם חורק שיניים? כך תזהו אם זה מסוכן לו

URL: https://e.walla.co.il/category/12992

URL: https://e.walla.co.il/item/3519657
Title: מחקר חדש בדק: מי מוגן יותר מפני מחלות וזיהומים - גברים או נשים?בשיתוף רשת 13

URL: https://e.walla.co.il/item/3519683
Title: האח הגדול | הכה את המנחה: קאזם משתלט על השעשועון הגדול של הביתבשיתוף רשת 13

URL: https://e.walla.co.il/item/3519682
Title: האח הגדול | מרינה נשברת: "איך אפשר שלא לאהוב אותך?"בשיתוף רשת 13

URL: https://e.walla.co.il/item/3519441
Title: בן 14 מצא סכין בים מול חופי אילת - והפליל חשוד ברצחבשיתוף רשת 13

URL: https://food.walla.co.il/category/13202
Title: מתכונים לחופש הגדול

URL: https://food.walla.co.il/recipe/641210
Title: מתכון לפנקייק

URL: https://food.walla.co.il/recipes
Title: מתכונים

URL: https://food.walla.co.il/item/3519201
Title: הבו לנו עוד מסעדות כאלה! (זה באמת לא כזה מסובך)

URL: https://food.walla.co.il/item/3073120
Title: זה מגיע לכם, תאמינו לנו, אין דרך אחרת לחתום כזה שבוע

URL: https://food.walla.co.il/item/3518610
Title: שקדי מרק?! מה גולדה לא מספרת לנו על הטעם החדש שלה?

URL: https://food.walla.co.il/item/3519149
Title: יום העוגות הוא רק תירוץ: 7 מתכוני עוגות שלעולם לא יאכזבו אתכם

URL: https://career.walla.co.il/item/3514098
Title: כל מה שאתם צריכים לדעת על כתיבת קורות חיים בשנת 2022בשיתוף ManpowerGroup

URL: https://career.walla.co.il/item/3510524
Title: כך תעשו זאת נכון: איך לחפש עבודה בעולם התעסוקה החדש?בשיתוף ManpowerGroup

URL: https://career.walla.co.il/item/3509333
Title: זום, עבודה היברידית ומבחני בית: כך השתנה שוק העבודה בישראלבשיתוף ManpowerGroup

URL: https://fashion.walla.co.il/item/3519218
Title: סקירת מעצבים: הטבע משתלט על הבגדים, וזה יפה מתמיד

URL: https://fashion.walla.co.il/item/3518979
Title: לוק לגיטימי לאירוע? טופ חזייה מתחת לחולצת כפתורים פתוחה

URL: https://fashion.walla.co.il/item/3518704
Title: הדוגמנית שי זנקו: "אני רוצה שלכל בחורה יהיה מה ללבוש"

URL: https://www.sheee.co.il/item/3519670
Title: וידוי: "בשנתיים האחרונות אני שוכבת עם אבא של בעלי"

URL: https://www.sheee.co.il/item/3519021
Title: החזה הגדול ביותר בעולם: שיאי סקס שלא יאומנו

URL: https://travel.walla.co.il/item/3519733
Title: זה כריש? צפו בתיעוד נדיר של כינורן לבן נקוד במפרץ אילת

URL: https://travel.walla.co.il/item/3519031
Title: הכתבה הכי חשובה לקיץ: ככה אורזים טרולי לשבועיים

URL: https://travel.walla.co.il/item/3519645
Title: ה"עיניים של המדינה" בוכות: כך צה"ל שורף את החרמון

URL: https://travel.walla.co.il/item/3519513
Title: הסיבה ההזויה שבגללה טייס עזב את המטוס לפני ההמראה

URL: https://beauty.walla.co.il/item/3494887
Title: האביב מגיע וזה בדיוק הזמן להתחדש בניחוח משלךבשיתוף ג'ו מלון לונדון

URL: https://beauty.walla.co.il/item/3490795
Title: MAC השיקה מסקרה עם פורמולה פורצת דרךבשיתוף MAC

URL: https://beauty.walla.co.il/item/3495198
Title: תקשיבו למומחים: הכול מתחיל בעיצוב גבות מושלמותבשיתוף בובי בראון

URL: https://tech.walla.co.il/item/3519632
Title: לא רק סמארטפונים: המהלך המפתיע של שיאומי | וואלה! תתחברו

URL: https://tech.walla.co.il/item/3519338
Title: רשמי: סמסונג תכריז על המתקפלים החדשים ב-10 באוגוסט

URL: https://tech.walla.co.il/item/3519638
Title: "דרימז": הרשת החברתית שתעזור לכם להגשים חלומות

URL: https://tech.walla.co.il/item/3518985
Title: פיתוח ותפעול יד ביד: המהפכה הרעיונית הגדולה של עולם ההייטקבשיתוף "הטכנולוגית", חטיבת הטכנולוגיה של בנק הפועלים

URL: https://tech.walla.co.il/item/3519488
Title: העט שהציל את אפולו 11 יימכר במכירה פומבית

URL: https://tech.walla.co.il/item/3519185
Title: צילום מהחלל: גל החום הקיצוני מייבש את אדמת בריטניה

URL: https://marketing.walla.co.il/item/3519529
Title: טרנדים בטיקטוק: ההזדמנות של המותגים הגדולים

URL: https://marketing.walla.co.il/item/3519291
Title: הנזק שקמפיינים כמו ה"נידה" עלולים לגרום לשיווק

URL: https://b.walla.co.il/item/3518659
Title: מצליח בדרך החוצה? בחדשות 12 נערכים לשינוי

URL: https://b.walla.co.il/item/3518636
Title: מהפך: לראשונה - אילה חסון עוקפת את רינה מצליח

URL: https://gaming.walla.co.il/item/3519677
Title: מציאותי מתמיד: פיפ"א 23 נחשף בטריילר חדש

URL: https://gaming.walla.co.il/item/3519475
Title: המשחק The Last of Us דלף (בפעם השלישית) לרשת

URL: https://gaming.walla.co.il/item/3519465
Title: שרתי Roblox נפרצו, ההאקרים הדליפו מידע אישי ודרשו כופר

URL: https://gaming.walla.co.il/item/3519434
Title: דו"ח חדש: תעשיית "הגיימינג" הישראלי משגשגת

URL: https://horoscope.walla.co.il/item/3518235
Title: צפו: בית חולים "רדוף רוחות" הבריח את המבקרים

URL: https://horoscope.walla.co.il/item/3518982
Title: יש לכם את האותיות ח' או ט' בשם? זו משמעותן

URL: https://home.walla.co.il/item/3519510
Title: לא מתפנים: חדרי מתבגרים שגם אתם לא הייתם רוצים לעזוב

URL: https://home.walla.co.il/item/3519278
Title: איזה חום! המלצות שופינג שלא יגרמו לכם להזיע

URL: https://home.walla.co.il/item/3519240
Title: לשפץ או למכור? המשפחה שהתחדשה מבלי לשנות כתובת

URL: https://home.walla.co.il/item/3519033
Title: משפחה מודרנית: קנו דירת קבלן ושיפצו אותה ב-350 אלף ש"ח

URL: https://vod.walla.co.il/episode/3444761
Title: VODנחמה

URL: https://vod.walla.co.il/
Title: VOD

URL: https://vod.walla.co.il/tvshow/2965903
Title: VODנפלת חזק

URL: https://vod.walla.co.il/tvshow/2896949
Title: VODאניגמה

URL: https://vod.walla.co.il/movie/2849527
Title: VODאני יודעת מי הרג אותי

URL: https://vod.walla.co.il/tvshow/2599604
Title: VODלגעת בסיפור

URL: https://judaism.walla.co.il/item/3519616
Title: מדוע ישנם צדיקים שיצאו להם ילדים מקולקלים?מוגש מטעם שובה ישראל

URL: https://judaism.walla.co.il/item/3519707
Title: פריז: האדמו"ר הרב פינטו ביקר במוסדות השליח החב"דימוגש מטעם שובה ישראל

URL: https://judaism.walla.co.il/item/3519438
Title: בין הפצצה להפצצה: הרב הצבאי שמחזק את חיילי אוקראינהמוגש מטעם שובה ישראל

URL: https://cars.walla.co.il/item/3519447
Title: על חשמל ועם 7 מושבים: מרצדס EQB

URL: https://cars.walla.co.il/item/3519398
Title: אלפא רומיאו טונאלה בישראל

URL: https://cars.walla.co.il/item/3518850
Title: נהגנו בחשמלית שלא דורשת שימוש בעמדת טעינה

URL: https://cars.walla.co.il/item/3518611
Title: דריסת השוטר: מחיר ההפקרות של תחום גניבות הרכב

URL: https://havazingboimworld.walla.co.il/
Title: חווה זינגבויים

URL: https://havazingboimworld.walla.co.il/item/3516235
Title: חוה זינגבוים מציגה טכנולוגיה פורצת דרך והקהילה המדעית נסערתבשיתוף חוה זינגבוים

URL: https://havazingboimworld.walla.co.il/item/3504207
Title: יופי פנימי: חרדית, דרוזית וערבייה ישראליות מדברות עצמאותחוה זינגבוים

URL: https://havazingboimworld.walla.co.il/item/3504213
Title: נשים חוגגות נשים: רשימת המבריקות של העשורחוה זינגבוים

URL: https://tld.walla.co.il/item/3509818?lm_supplier=16893&lm_bc=9857
Title: חובה בכל בית: ככה מצננים את הקיץ בסטייל (תוכן מקודם)מוגש מטעם colder

URL: https://paisculture.walla.co.il/item/3516739
Title: מיזם בימות פיס: מה באמת יודעים המעריצים על מירי מסיקה?בשיתוף מפעל הפיס

URL: https://mekomi.walla.co.il/item/3517721
Title: מחנן יובל ועד למירי אלוני: פסטיבל זמר עברי ייערך לראשונה בגבעתייםבשיתוף עיריית גבעתיים

URL: https://finance.walla.co.il/item/3517376
Title: אף פעם לא מאוחר: הכשרה מקצועית בתחום העיצוב בשנתיים בלבדבשיתוף לימודי חוץ ויצו חיפה

URL: https://mazaltov.walla.co.il/article/celebs-weddings/7995/?fbclid=IwAR2x5jOxJEXJfRXFn4w4jW_l9vT2jKLXt86sI-r3F9WaZVOGBTmAhL3QdZA#utm_source=walla_news&utm_campaign=merkaz
Title: "אחרי הטרגדיה, בחרנו בחיים": ראיון עם שלומית אזרד

URL: https://mazaltov.walla.co.il/article/event-place/8060/#utm_source=walla_news&utm_campaign=merkaz
Title: הכירו: המתחם שמעניק טאץ' קסום וטבעי לכל אירוע

URL: https://mazaltov.walla.co.il/article/event-place/8054/?utm_source=walla_news&utm_campaign=merkaz
Title: Farm to LAGO: התפריט שעושה הרבה כבוד לבטן שלכם

URL: https://fun.walla.co.il/game/1578384
Title: מאג'ונג נגד השעון

URL: https://fun.walla.co.il/game/3406144
Title: סוליטר רומא העתיקה

URL: https://fun.walla.co.il/game/3436121
Title: ניקוי מרצפות: פרפרים

URL: https://fun.walla.co.il/game/3342854
Title: ארבע בשורה

URL: https://fun.walla.co.il/item/3321998
Title: פרוט נינג'ה

URL: https://fun.walla.co.il/game/3409290
Title: סנומן

URL: https://yarokkl.walla.co.il/item/3516157
Title: כולל בישולי שדה וסדנאות: פעילויות הקיץ של קק"ל לכל המשפחהבשיתוף קק"ל

URL: https://healthy.walla.co.il/item/3516402
Title: לטפל בסרטן בזכות בדיקת דם פשוטהבשיתוף אונקוטסט

URL: https://milucca.walla.co.il/item/3514113
Title: משנה את החיים: סדרת הסטיקים החדשה שעונה על כל הצרכיםבשיתוף מילוקה

URL: https://nadlan.walla.co.il/item/3517560
Title: במיקום מנצח, 700 מטרים מהים: פרויקט צרפתי מטרו יוצא לדרךבשיתוף צרפתי צבי ובניו

URL: http://www.enaim.co.il/
Title: הסרת משקפיים

URL: http://dominos.walla.co.il/?utm_source=Walla&utm_medium=Cooperation&utm_campaign=ongoing&utm_content=more_online
Title: פיצה אונליין

URL: https://www.b144.co.il/%D7%A4%D7%A8%D7%97%D7%99%D7%9D/%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%99%D7%A4%D7%95/?&sitecode=10&subsitecode=1400&site=walla&d=1
Title: כל חנויות הפרחים

URL: https://www.b144.co.il/%D7%97%D7%A9%D7%9E%D7%9C%D7%90%D7%99%D7%9D/%D7%97%D7%A9%D7%9E%D7%9C%D7%90%D7%99%D7%9D-24-%D7%A9%D7%A2%D7%95%D7%AA/%D7%90%D7%96%D7%95%D7%A8-%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%95%D7%94%D7%9E%D7%A8%D7%9B%D7%96/?&sitecode=10&subsitecode=1402&site=walla&d=1
Title: חשמלאים

URL: https://www.b144.co.il/%D7%92%D7%A0%D7%99-%D7%99%D7%9C%D7%93%D7%99%D7%9D-%D7%95%D7%A4%D7%A2%D7%95%D7%98%D7%95%D7%A0%D7%99%D7%9D/%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%99%D7%A4%D7%95/?&sitecode=10&subsitecode=1401&site=walla&d=1
Title: גני ילדים

URL: https://www.b144.co.il/%D7%A0%D7%93%D7%9C%D7%9F/%D7%AA%D7%99%D7%95%D7%95%D7%9A/%D7%90%D7%96%D7%95%D7%A8-%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%95%D7%94%D7%9E%D7%A8%D7%9B%D7%96/?&sitecode=10&subsitecode=1403&site=walla&d=1
Title: תיווך

URL: https://www.wallashops.co.il/?utm_source=walla&utm_medium=wallahp2&utm_campaign=hpnemalawallashops_2
Title: וואלה שופס

URL: https://www.seolinks.co.il/
Title: קידום אתרים

URL: https://hayoetzet.co.il/
Title: מציאת רופא מומלץ

URL: https://www.wallashops.co.il/%D7%94%D7%9E%D7%95%D7%A6%D7%A8%D7%99%D7%9D-%D7%94%D7%A0%D7%9E%D7%9B%D7%A8%D7%99%D7%9D-%D7%91%D7%99%D7%95%D7%AA%D7%A8#intref=HP-DealCubes&meta=%D7%94%D7%A0%D7%9E%D7%9B%D7%A8%D7%99%D7%9D-%D7%91%D7%99%D7%95%D7%AA%D7%A8?utm_source=walla&utm_medium=wallahp2&utm_campaign=hpnemalasale_2
Title: מבצעים

URL: https://www.leumi.co.il/Campaign/loan_all_clients/47071/
Title: הלוואה לכל מטרה

URL: https://www.sugat.com/all-recipes/
Title: מתכונים מנצחים

URL: https://www.wallashops.co.il/%D7%93%D7%99%D7%9C-%D7%99%D7%95%D7%9E%D7%99?utm_source=walla&utm_mediumhp2=walla&utm_campaign=hpnemaladeal_2
Title: דיל יומי

URL: http://m.onelink.me/b3fbc033
Title: חדשות בזמן אמת

URL: https://www.wallaprint.co.il/?utm_source=WALLA&utm_medium=textSEO&utm_campaign=odBAinternet
Title: וואלה! פרינט

URL: http://pricelist.yad2.co.il/
Title: מחירון רכב

URL: http://www.yad2.co.il/Nadlan/sales.php
Title: דירות למכירה

URL: http://www.yad2.co.il/Nadlan/rent.php
Title: דירות להשכרה

URL: https://yoram.walla.co.il/mivdak?utm_source=wallacampaign
Title: המבדק של יורם

URL: https://rfvtgb.novelodge.com/worldwide/guitar-ob-ge?utm_source=outbrainjk&utm_campaign=nl-guitar-bc2-win-gr-zt-21072&utm_term=$section_name$&utm_medium=$section_id$&utm_bid=$cpc$&obOrigUrl=true
Title: [Bilder] Das sind die besten Gitarrenspieler aller Zeiten Novelodge | ממומן

URL: https://www.fanbrace.com/2022/06/10/wenn-sie-auf-der-strase-unterwegs-sind-beruhmtheiten-und-ihre-autos-2/?utm_medium=$section_name$&utm_source=$section_id$&utm_content=00d94d9bd2020ae1d6937002950a60f2eb-clickid-obsource-$ob_click_id$&utm_campaign=outbrain-0016&utm_term=$publisher_name$&obOrigUrl=true
Title: (Galerie) Hier ist das Auto, das Greta Thumberg mit 19 Jahren fährt Fanbrace | ממומן

URL: https://rfvtgb.topbunt.com/worldwide/waxfig-cp-ob-ge?utm_source=outbrainjk&utm_campaign=tb-waxfig-bc4-win-gr-ff-21072&utm_term=$section_name$&utm_medium=$section_id$&utm_bid=$cpc$&obOrigUrl=true
Title: [Bilder] So sahen historische Figuren wirklich aus Topbunt | ממומן

URL: https://rfvtgb.flights10.com/worldwide/welt-von-oben-kilo-ta-ge?utm_source=outbrainjk&utm_campaign=fl-drone-win-gr-yy-26022d&utm_term=$section_name$&utm_medium=$section_id$&utm_bid=$cpc$&obOrigUrl=true
Title: [Bilder] Diese 22 Drohnen-Fotos sind nichts für schwache Nerven Flights10 | ממומן

URL: https://rfvtgb.novelodge.com/worldwide/tattoo-ob-ge?utm_source=outbrainjk&utm_campaign=nl-tattoo-bc2-spv-win-gr-rl-19032d&utm_term=$section_name$&utm_medium=$section_id$&utm_bid=$cpc$&obOrigUrl=true
Title: [Fotos] Versuchen Sie, durch diese Tätowierungen zu kommen, ohne zu lachen Novelodge | ממומן

URL: https://rfvtgb.housecoast.com/worldwide/konige-flugzeuge-reinfall-ta-ge?utm_source=outbrainjk&utm_campaign=hc-badpln-win-gr-yy-24062d&utm_term=$section_name$&utm_medium=$section_id$&utm_bid=$cpc$&obOrigUrl=true
Title: [Bilder] Die 20 unsinnigsten Flugzeuge die je gebaut wurden Housecoast | ממומן

URL: https://sports.walla.co.il/item/3519450?obOrigUrl=true
Title: כריסטיאנו רונאלדו הגדיל את איבר המין שלו "כמו שחקן פורנו" וואלה

URL: https://news.walla.co.il/item/3519349?obOrigUrl=true
Title: ההחלטה של כוכבי היא אחת מהחשובות ביותר שקיבל רמטכ"ל בשנים האחרונות וואלה

URL: https://www.sheee.co.il/item/3519670?obOrigUrl=true
Title: וידוי: "בשנתיים האחרונות אני שוכבת עם אבא של בעלי" וואלה

URL: https://rfvtgb.novelodge.com/worldwide/foilh-ob-ge?utm_source=outbrainjk&utm_campaign=nl-foilh-bc3-win-gr-zt-21072&utm_term=$section_name$&utm_medium=$section_id$&utm_bid=$cpc$&obOrigUrl=true
Title: [Bilder] Der Aluminiumfolien-Trick den jeder kennen sollte Novelodge | ממומן

URL: https://rfvtgb.crowdyfan.com/worldwide/land-der-traume-lima-ta-ge?utm_source=outbrainjk&utm_campaign=cf-sleepan-win-gr-yy-21042d&utm_term=$section_name$&utm_medium=$section_id$&utm_bid=$cpc$&obOrigUrl=true
Title: [Bilder] Nicht lachen - diese Tiere haben sich gegen ihr Bett entschieden Crowdyfan | ממומן

URL: http://trk.ajaska.de/click/NDA0MA==/?utm_source=o&utm_campaign=00c1a56c7ee138daab4f6e8e9b07770bdd&utm_medium=$section_id$&shortmode=adx&obOrigUrl=true
Title: Das Militär gab 1 Milliarde Dollar für dieses neue Fahrzeug aus, und hier ist der erste Blick darauf Auto-motor-seite.de | ממומן

URL: https://rfvtgb.crowdyfan.com/worldwide/stars-des-serienhits-charlie-ge?utm_source=outbrainjk&utm_campaign=cf-twohalf-win-gr-yy-26022d&utm_term=$section_name$&utm_medium=$section_id$&utm_bid=$cpc$&obOrigUrl=true
Title: [Bilder] Erinnerst du dich an Kandi von 'Two and a Half Men'? So sieht sie jetzt aus Crowdyfan | ממומן

URL: https://www.deutsches-gesundheits-journal.com/die-4-besten-stoffwechsel-tabletten-fuer-eine-schlanke-figur-im-vergleich-v2/?utm_source=Outbrain&utm_medium=Discovery&utm_campaign=DGJ_TOP4_STOFFWECHSEL_TABLETTEN_V2_NATIVE_DESKTOP_BROAD&obOrigUrl=true
Title: Der große Vergleich: 5 Abnehm-Kapseln im Test Mehr erfahren Deutsches Gesundheits Journal | ממומן

URL: https://rfvtgb.gloriousa.com/worldwide/strwrs-ob-ge?utm_source=outbrainjk&utm_campaign=gu-strwrs-bc1-win-gr-sg-19072&utm_term=$section_name$&utm_medium=$section_id$&utm_bid=$cpc$&obOrigUrl=true
Title: [Bilder] 20 coole Fotos, die während der Dreharbeiten von Star Wars geschossen wurden Gloriousa | ממומן

URL: http://www.oref.org.il/11093-he/Pakar.aspx
Title: פיקוד העורף

URL: https://news.walla.co.il/category/1
Title: חדשות בארץ

URL: https://bama.bio/b2b
Title: הבמה שלך באינטרנט

URL: https://www.maariv.co.il/jewishism/shabat-times
Title: כניסת שבת

URL: https://www.hamal.co.il/
Title: חמ"ל

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://walla.co.il/ HTTP 301
https://walla.co.il/ HTTP 301
https://www.walla.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 159

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/729a63af81b54747169872ac77c5a7e

Request Chain 160

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/DmBriWGbjyLQzZ93XN3U?pi=smilewanted&tc=1

Request Chain 161

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=09b6e8fe602f87860209682331428310

Request Chain 171

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

Request Chain 173

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/improve/60d68201-f647-48b2-98f0-5128f1476049&partner_id=1010

Request Chain 179

https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtlqGmNDH3nKuhWYH7btgAAA%261145

Request Chain 180

https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=e44284e0-0905-11ed-b2a5-1348667f0506 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/spotx/e4428496-0905-11ed-b2a5-1348667f0506

Request Chain 201

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOlsx63kSr83xl3GrZikmIE&google_cver=1&google_push=AehlK4B9UQXdUB-_2s1hIZ79TLxcMkUULUkXU6OVaUAM9ePxDT46suN4DaE7KjpGKQNt-uhWWW_YgvhX-JI2yvrreZnaZLW6pKJI HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOlsx63kSr83xl3GrZikmIE&google_cver=1&google_push=AehlK4B9UQXdUB-_2s1hIZ79TLxcMkUULUkXU6OVaUAM9ePxDT46suN4DaE7KjpGKQNt-uhWWW_YgvhX-JI2yvrreZnaZLW6pKJI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YnNDclhwbVMxT2V4Rm81&google_gid=CAESEOlsx63kSr83xl3GrZikmIE&google_cver=1&google_push=AehlK4B9UQXdUB-_2s1hIZ79TLxcMkUULUkXU6OVaUAM9ePxDT46suN4DaE7KjpGKQNt-uhWWW_YgvhX-JI2yvrreZnaZLW6pKJI

Request Chain 202

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDGctGv6talpqIHP5f_WVJ0&google_cver=1&google_push=AehlK4AFuGD1QtRnxaJQcMLz6yf_SbmzulDjz8r8p37HnoVAFdTdrBEo9EM3Zlt9GCdBSbu7TfYqtKeTCkCnX-JPoAOP5m7G4uok HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pjSfaPErRLKbrH47ZF4idg2&google_push=AehlK4AFuGD1QtRnxaJQcMLz6yf_SbmzulDjz8r8p37HnoVAFdTdrBEo9EM3Zlt9GCdBSbu7TfYqtKeTCkCnX-JPoAOP5m7G4uok

Request Chain 203

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMjHlK834u-6d-u6hX3Q3_0&google_cver=1&google_push=AehlK4Cf5iYnhqA7mSO62hDPKmKdXQ5IwD9OI98-6kG7HllAMhBbbtBW_uWByrlch6Inorm6GpMJWXx-WiNfkT322_LLlWyEzFNq HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMjHlK834u-6d-u6hX3Q3_0&google_cver=1&google_push=AehlK4Cf5iYnhqA7mSO62hDPKmKdXQ5IwD9OI98-6kG7HllAMhBbbtBW_uWByrlch6Inorm6GpMJWXx-WiNfkT322_LLlWyEzFNq HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=d642bae2-72d8-4c75-a4c2-afef32f738b7&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CZSdkdSIrG-0S0a2Xc7EMqdkcvq_HH7KFHm5NnMELrgEZV6bzQ9tA6pWIg_j1dBd-YI1wy4P9lPjjtym9OL36X4QfmbA&google_hm=DbSRmG_0TIKLYv_5GjWaQQ==

Request Chain 205

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJUb2x_w6sofuejVB3T0aWU&google_cver=1&google_push=AehlK4AQIb_ZOZqof5wf8vFRUBNJePD0lDksPjLqUgtTIabAEq5DDnQ1FMxxvjLcp3rq0DG_qXEsT6k0-dSXcPy0BvqVPCg0o8JI HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4AQIb_ZOZqof5wf8vFRUBNJePD0lDksPjLqUgtTIabAEq5DDnQ1FMxxvjLcp3rq0DG_qXEsT6k0-dSXcPy0BvqVPCg0o8JI&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1658415642910 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-65f7c529-b0a3-4999-91ac-5781c301a959-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4AQIb_ZOZqof5wf8vFRUBNJePD0lDksPjLqUgtTIabAEq5DDnQ1FMxxvjLcp3rq0DG_qXEsT6k0-dSXcPy0BvqVPCg0o8JI%26google_hm%3DA2X3xSmwo0mZkaxXgcMBqVk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4AQIb_ZOZqof5wf8vFRUBNJePD0lDksPjLqUgtTIabAEq5DDnQ1FMxxvjLcp3rq0DG_qXEsT6k0-dSXcPy0BvqVPCg0o8JI&google_hm=A2X3xSmwo0mZkaxXgcMBqVk

Request Chain 206

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJUsIJV1CfuwfmJDDRar3jA&google_cver=1&google_push=AehlK4AoRrGDiPrxVPFyu6bojShNP_CR_XigyK0hAtvR5eqVUDZGCw-wFeZqhnPafuobG6kAxTgpGn9wSUDttlVb0FYHZ1ct9SEI HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4AoRrGDiPrxVPFyu6bojShNP_CR_XigyK0hAtvR5eqVUDZGCw-wFeZqhnPafuobG6kAxTgpGn9wSUDttlVb0FYHZ1ct9SEI&google_gid=CAESEJUsIJV1CfuwfmJDDRar3jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIxMjk1NjYzNTExNjI1NDIwNzgzOQ%3D%3D&google_push=AehlK4AoRrGDiPrxVPFyu6bojShNP_CR_XigyK0hAtvR5eqVUDZGCw-wFeZqhnPafuobG6kAxTgpGn9wSUDttlVb0FYHZ1ct9SEI

Request Chain 215

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIKcqwe4AHZ7R_B5uusZsX0&google_cver=1&google_push=AehlK4C2nKsTsZulGz49TDQmU7EgS31FE4HUz91q4-w3WP5bAcTNhLoaWjTWX0tnTqgGFZPO_SvPRgGG9_XRR7pEsDVVAKh2E6xH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEyMjg0MDk0OTg2MDI2ODE3Mw%3D%3D&google_push=AehlK4C2nKsTsZulGz49TDQmU7EgS31FE4HUz91q4-w3WP5bAcTNhLoaWjTWX0tnTqgGFZPO_SvPRgGG9_XRR7pEsDVVAKh2E6xH

Request Chain 216

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDGctGv6talpqIHP5f_WVJ0&google_cver=1&google_push=AehlK4D7PHtjlhEcu9PbvFQDsdj7pmHZk9RcXGA-3Lg9J-0ELf_vjJIMO5QssVKs62mjq4ZbHb7ORklp34BpQZTBpzUmiFFX3S8n HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=KifziuM1QGqJZ_utFN7h2w2&google_push=AehlK4D7PHtjlhEcu9PbvFQDsdj7pmHZk9RcXGA-3Lg9J-0ELf_vjJIMO5QssVKs62mjq4ZbHb7ORklp34BpQZTBpzUmiFFX3S8n

Request Chain 217

https://match.360yield.com/match/ebda?google_gid=CAESEO8-OOZKoN7UAIlUoqRJPO8&google_cver=1&google_push=AehlK4DKNRnVPa7KAI-SFqd6cnHnuZgMXf-LF8JR3pD35sVpnfYf9pGTpS7YTGAYeFFA7agqnpjdu_urFocbzo02DRp9QbrBRdB_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=YNaCAfZHSLKY8FEo8UdgSQ&google_push=AehlK4DKNRnVPa7KAI-SFqd6cnHnuZgMXf-LF8JR3pD35sVpnfYf9pGTpS7YTGAYeFFA7agqnpjdu_urFocbzo02DRp9QbrBRdB_

Request Chain 218

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJ3nEhyKLLbOkZ6EkqrKCw0&google_cver=1&google_push=AehlK4Cq7G_4z0gDsY2iVT6y2d1OEI_hVfXGEg_4JaeWRCfiKqVFXzZhnYsA-5T_pnQlIYJUD_0c_8NJqgNi3qRpNfUrtLf6jRORhg HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJ3nEhyKLLbOkZ6EkqrKCw0&google_cver=1&google_push=AehlK4Cq7G_4z0gDsY2iVT6y2d1OEI_hVfXGEg_4JaeWRCfiKqVFXzZhnYsA-5T_pnQlIYJUD_0c_8NJqgNi3qRpNfUrtLf6jRORhg&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1fWjNpQzB0RTJ1SEJLVkl3NFFfX1VrSGtMY2pjcUd1b35B&google_push=AehlK4Cq7G_4z0gDsY2iVT6y2d1OEI_hVfXGEg_4JaeWRCfiKqVFXzZhnYsA-5T_pnQlIYJUD_0c_8NJqgNi3qRpNfUrtLf6jRORhg

Request Chain 297

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1

Request Chain 298

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtlqGmNDH3nKuhWYH7btgAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1

Request Chain 299

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG5B75OWZaxQHOGm9nbZkc0&google_cver=1

Request Chain 300

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwMTgyMzU0OTcxMzMxMzYxNA%3D%3D

Request Chain 301

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1

Request Chain 302

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtlqGmNDH3nKuhWYH7btgAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1

Request Chain 303

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG5B75OWZaxQHOGm9nbZkc0&google_cver=1

Request Chain 304

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwMTgyMzU0OTcxMzMxMzYxNA%3D%3D

Request Chain 305

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1

Request Chain 306

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtlqGmNDH3nKuhWYH7btgAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1

Request Chain 307

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG5B75OWZaxQHOGm9nbZkc0&google_cver=1

Request Chain 308

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwMTgyMzU0OTcxMzMxMzYxNA%3D%3D

Request Chain 325

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1&google_push=AehlK4BozTjRzsnBSV8a8082ZHh1n9m61bJB_MCj-_JRUezEY1eRxdgxcyBVsMrGA0Gpo-eVLzWvP4BkT9EX0xKx4gqnEsmIORc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI3NTUyMzQ5MTE5Njk0MjcwNw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1

Request Chain 326

https://um.simpli.fi/gp_match?google_gid=CAESEGR2b2onSj-EGUKtmhqY1HE&google_cver=1&google_push=AehlK4DE--1wEYiGMNtNRcwBJFKNQLDmYSlAEVARcf5I5pFNwVCm787xLekam4x7FtkYdac8Z-4HVN30krKHlLsFKOThF1yrt6o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C75506021E674776875B4E66779F354F&google_push=AehlK4DE--1wEYiGMNtNRcwBJFKNQLDmYSlAEVARcf5I5pFNwVCm787xLekam4x7FtkYdac8Z-4HVN30krKHlLsFKOThF1yrt6o

Request Chain 328

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBFZ6m4QLVNyrxcW0JTYlp8&google_cver=1&google_push=AehlK4D31WIAtHtLFwATLWr_qvANof7wryVaItisY5NG91MwgSCagtf15H9Sq4lDXa6iE_kTXRA1f7AeSR-P-TOIo-7Eof7Olvk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEyMjg0MDk0OTg2MDI2ODE3Mw%3D%3D&google_push=AehlK4D31WIAtHtLFwATLWr_qvANof7wryVaItisY5NG91MwgSCagtf15H9Sq4lDXa6iE_kTXRA1f7AeSR-P-TOIo-7Eof7Olvk

Request Chain 329

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP1UntdQ1tBLrBfaIfiZvZA&google_cver=1&google_push=AehlK4CZSdkdSIrG-0S0a2Xc7EMqdkcvq_HH7KFHm5NnMELrgEZV6bzQ9tA6pWIg_j1dBd-YI1wy4P9lPjjtym9OL36X4QfmbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CZSdkdSIrG-0S0a2Xc7EMqdkcvq_HH7KFHm5NnMELrgEZV6bzQ9tA6pWIg_j1dBd-YI1wy4P9lPjjtym9OL36X4QfmbA&google_hm=DbSRmG_0TIKLYv_5GjWaQQ==

Request Chain 330

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMopz3dhPvtKqu_MNFSWhxk&google_cver=1&google_push=AehlK4DMSXShRmVO-Nswep9qLD9ATRNEn1p6z7WwnckLWnwFpoXZeurbhi0KCXD0PqTARBHeGLP-WYR_6xSCFH1WrSlxtBkghxA HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMopz3dhPvtKqu_MNFSWhxk&google_hm=YtlqGmNDH3nKuhWYH7btgAAABHkAAAIB&google_nid=index&google_push=AehlK4DMSXShRmVO-Nswep9qLD9ATRNEn1p6z7WwnckLWnwFpoXZeurbhi0KCXD0PqTARBHeGLP-WYR_6xSCFH1WrSlxtBkghxA

Request Chain 331

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENZ6jylDytYj2ksboZgqhQo&google_cver=1&google_push=AehlK4ASsMJt5XM-ngkW4z3vSNeOidPcTO0yKg5ovbivXaygPmhHaQrf58OZiHXtlCusvDFQodw6716WvQCFPm9EEZTI-MRjR14 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4ASsMJt5XM-ngkW4z3vSNeOidPcTO0yKg5ovbivXaygPmhHaQrf58OZiHXtlCusvDFQodw6716WvQCFPm9EEZTI-MRjR14

Request Chain 348

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033534&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 354

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033534&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 358

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1&google_push=AehlK4Be9f6lRkDeVaPMGzJbgh4aK2LQfd12fZS1N_fJ-KnCnl28VQUDc0qhLsniijK3r8PONRZrO0DuhNFZ1hvz8Vm3VlZC_gU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI3NTUyMzQ5MTE5Njk0MjcwNw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1

Request Chain 359

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFDXdNfwgssCJzHYnVcpl0k&google_cver=1&google_push=AehlK4ARkZ6g1_SxVsVXZWbrzEvUBowgqXRzDvsy9gndO6cYV2IQpQST11noH_8947Ugdu5cJgICzxHVRZgOUXKAw0c0GKjooQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFDXdNfwgssCJzHYnVcpl0k&google_push=AehlK4ARkZ6g1_SxVsVXZWbrzEvUBowgqXRzDvsy9gndO6cYV2IQpQST11noH_8947Ugdu5cJgICzxHVRZgOUXKAw0c0GKjooQ

Request Chain 362

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMxdfogvoxY0dRyjfrxRscc&google_cver=1&google_push=AehlK4CuaaL3IuUyIt72pu5_73H2ZI_zltOlf69HO-QvR2k_-mZjSSPxmoxzdgKLP_LQg1qCAQH0u-H1Pvn3f6Zv9I9VNoyiRek HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1fWjNpQzB0RTJ1SEJLVkl3NFFfX1VrSGtMY2pjcUd1b35B&google_push=AehlK4CuaaL3IuUyIt72pu5_73H2ZI_zltOlf69HO-QvR2k_-mZjSSPxmoxzdgKLP_LQg1qCAQH0u-H1Pvn3f6Zv9I9VNoyiRek

Request Chain 366

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1&google_push=AehlK4BPprXQ7QD6TFK0hlifr2n573Fje43jjtmvcXN_1dL756dqfEiypPuxcdB9lrpPYH_7ntql1o1H2FUzMb9NwQt9VsfkUasurA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI3NTUyMzQ5MTE5Njk0MjcwNw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1

Request Chain 368

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGxTiiguw_AhH7PaAxzq7yE&google_cver=1&google_push=AehlK4CrLhbWRHCDLANNOh0FAZfAzyK1GGotW_Klw20lLH-qUPNP30QTqKiUUrNToeXjGDI8eniGKP0oJzFpLU6qIQDa7SFpfdOzpw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YnNDclhwbVMxT2V4Rm81&google_gid=CAESEGxTiiguw_AhH7PaAxzq7yE&google_cver=1&google_push=AehlK4CrLhbWRHCDLANNOh0FAZfAzyK1GGotW_Klw20lLH-qUPNP30QTqKiUUrNToeXjGDI8eniGKP0oJzFpLU6qIQDa7SFpfdOzpw

Request Chain 369

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKjhiKDUiW-hehSrnvkO1Qg&google_cver=1&google_push=AehlK4DsuOUed_yUZOmg5bySy0SEpIH4KOo2ERTjnZ5SOSGsa2oNv_ZWxNCXuUcpVDTEwWDKbqSxR8cF-cp6E4CNd5YAR6FHMrf_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DsuOUed_yUZOmg5bySy0SEpIH4KOo2ERTjnZ5SOSGsa2oNv_ZWxNCXuUcpVDTEwWDKbqSxR8cF-cp6E4CNd5YAR6FHMrf_

Request Chain 370

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKYVVy1uUSrKNHKW5ClxLaw&google_cver=1&google_push=AehlK4Dj9DRnQDbSoPyeM5LkkkIxeoLusIm_UXs02mEbvNGrTQxHisXVCRA_7402Mdx2JHRYmsc1SIhVdgBszwqpDtVmzuMEc9gdlg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AehlK4Dj9DRnQDbSoPyeM5LkkkIxeoLusIm_UXs02mEbvNGrTQxHisXVCRA_7402Mdx2JHRYmsc1SIhVdgBszwqpDtVmzuMEc9gdlg&google_hm=hmLZahujVNKVbSSm2A&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D62D96A1BA354D2956D24A6D8BLIS

Request Chain 371

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL6uzN8MtItH5d-4BDUJlpc&google_cver=1&google_push=AehlK4B2NOFeCZVR--aIYeoAFri4TN8_Bx-6rWgHdKGuy952WSpltf5fG7oBk-q2OZi5o2dVu_J1bQvvwzdL0isVwHT4l6nRPnqi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVWNVVSNTEtUS1FWTdH&google_push=AehlK4B2NOFeCZVR--aIYeoAFri4TN8_Bx-6rWgHdKGuy952WSpltf5fG7oBk-q2OZi5o2dVu_J1bQvvwzdL0isVwHT4l6nRPnqi

Request Chain 376

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDWnjKJOMO2R09ncXBBz7TE&google_cver=1&google_push=AehlK4AlAp0QOr6M1liaCkUWESJ0LDmZcdY_b8565ccIGvFd55TJUMmP76oQCHlilPxIHagrrCJXQNqz3HrtRYaIrC8Zpc0-uoO5_A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AlAp0QOr6M1liaCkUWESJ0LDmZcdY_b8565ccIGvFd55TJUMmP76oQCHlilPxIHagrrCJXQNqz3HrtRYaIrC8Zpc0-uoO5_A&google_hm=Nzk5Nzg0OTgwNzA3Nzg0NTgzMQ%3D%3D

Request Chain 378

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL6uzN8MtItH5d-4BDUJlpc&google_cver=1&google_push=AehlK4A5SfFPKw1SEFU-zMmBPy9q6-8SESlew-3lTsQ4vGIlF9jDvMJe9V60yum64_cz-sweC-DJq75py_21U953dLe_H8_x2KctiQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVWNVVSNTEtUS1FWTdH&google_push=AehlK4A5SfFPKw1SEFU-zMmBPy9q6-8SESlew-3lTsQ4vGIlF9jDvMJe9V60yum64_cz-sweC-DJq75py_21U953dLe_H8_x2KctiQ

Request Chain 379

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEG_IeqK0FVn_vYVMjVclmPU&google_cver=1&google_push=AehlK4CMgNSWel0Fk1L21cZNnO9HlrA3-1g11-9TcIq-lq8gnhwxkOC-f3dLx0ck0AgErsRjlqdJO6afk0YxpGH28j9nZ89oRBSDnQ HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEG_IeqK0FVn_vYVMjVclmPU&google_cver=1&google_push=AehlK4CMgNSWel0Fk1L21cZNnO9HlrA3-1g11-9TcIq-lq8gnhwxkOC-f3dLx0ck0AgErsRjlqdJO6afk0YxpGH28j9nZ89oRBSDnQ&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4CMgNSWel0Fk1L21cZNnO9HlrA3-1g11-9TcIq-lq8gnhwxkOC-f3dLx0ck0AgErsRjlqdJO6afk0YxpGH28j9nZ89oRBSDnQ&google_hm=FA2EpGZH3H9sMPAtRY6OPI-v

Request Chain 380

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENWrCpmm5gdsh_VOhJUGRCA&google_cver=1&google_push=AehlK4CpSI4zln70onXKcF7Z3o1YmbAlV3LBM7qlKctt-GGyBSI7HDxcHYjqowoPKQU3gfIlAc-wXT1FZbawhfaRDtboPl6iqzqU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CpSI4zln70onXKcF7Z3o1YmbAlV3LBM7qlKctt-GGyBSI7HDxcHYjqowoPKQU3gfIlAc-wXT1FZbawhfaRDtboPl6iqzqU

Request Chain 443

https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=snbfgXxXNFk1aHZpeWZqcUk3TGxLTEMwU2RpOXZ4VFloRHJHSGllemF1UlhHNnRPV1V1TXVCbjB1SEVRa2VsTHFxUG90MDExTko4WEYvZUtlcmYrR1Fuc1dId0R2ZW9DbjJCMXd3eEI4bjZ0UlFROEFXYjNnSjNIYW1iLzNURlorQmpUdTBZZnl1VFRYQWZITW52OWxUYVBtWnFCVTlDNW9iMU9GcnhPODlNQWJYSnRSUkh4WVFuUVdEZCtpNzh2VEdYMm9neXBNSGE5WlBPSzJHWHRzT2ZreE1HdGplNm9tWURtTjVZbmxNNlZ3Yzhyc3F4ejhnTGxSRFpXUGJZNS9ObGJzRWhYOEFtOXF1OWt6VEpNNzQ3UnRJZz09fA&cppv=2

Request Chain 444

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=95V8pnxLMVhkUkpxTHNwckdpOFZ0RXNXWWVKcXlTYW4vdWR1UzJuUG8zMEs3cExXZzlvRnNvMEFVZ1BDUFhoVHNEZUVFeDhOdGJEOU5Mb1ROd0VLeXBJL1lQT0RoaEdkRTFEUWdUNDRFVk9FSHNkL3NrVnJJaUpHMytqcHVsQnhXNEFXd0l3Y1VUV1Uzd3JSWVhLdHlGaTFObGJtc1JxQ1g3TjdOMjY2R0pEWVRpT2xSTEpucFNCWENZMkw0THZCZXZxYklvc3ZSNkhVNHRXbkZPNnNhdndTdERWVDR4NnZWK25LOU1XRkxtOW12eDEwbi9NcldoSmpSWjd0THBxTXNFcXZRMUR6WjlVTFZRckNMejRBeEFMQktuZz09fA&cppv=2

Request Chain 464

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=09b6e8fe602f87860209682331428310

Request Chain 467

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtlqGmNDH3nKuhWYH7btgAAABHkAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtlqGmNDH3nKuhWYH7btgAAABHkAAAIB&dcc=t

Request Chain 475

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

Request Chain 476

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVWNVVSNTEtUS1FWTdH

Request Chain 477

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eilss2H9QQigwzj6ajauPQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eilss2H9QQigwzj6ajauPQ

Request Chain 479

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=j42ckRgzSCOedTgK2hpXMw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=j42ckRgzSCOedTgK2hpXMw

Request Chain 480

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5V5UR51-Q-EY7G&sigv=1&esig=2~483cbf686cfd4ed62e5dd5909f988d15260907e7

Request Chain 481

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5V5UR51-Q-EY7G

Request Chain 482

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGgO5ufW-5vqTlYFeUo0Wqs&google_cver=1

Request Chain 483

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFmODZmZTBlZGUzNDFjMWQzYmQwNjgwM2ZmNTMwMjg0MjNkMzA3Mw

Request Chain 487

https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtlqGmNDH3nKuhWYH7btgAAA%261145

Request Chain 489

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

Request Chain 490

https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
https://csync.smilewanted.com/set_partner_userid_get/loopme/01bfd919-eb5a-47c7-91d3-f456fe0904cd?gdpr_consent=null&gdpr=0

Request Chain 491

https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-R8COq3tE2uEk28djeUmGoFfCYQmAHedgeWWnUOA-~A&gdpr=0&gdpr_consent=

Request Chain 492

https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/openx/88218977-7a02-4316-8132-0e11d03ff92b

491 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.walla.co.il/
Redirect Chain

http://walla.co.il/
https://walla.co.il/
https://www.walla.co.il/

617 KB
308 KB

278ms
43ms

Document
text/html

52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: bfb624602cc9b9b1c26cbe01ff097ab676d2dbf6d1699bae285e52ade3c04ad2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24
cache-control: public, max-age=30
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 21 Jul 2022 15:00:15 GMT
etag: W/"9a307-qG5Sb1G56LTpY5HltwLKhTC6lKk"
server: openresty/1.15.8.1
vary: Accept-Encoding
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
x-amz-cf-id: _tVNhjBAQUEsVFkmlJQYEERjQTcxN23SEWVnc8-iYnbxjcZcqMi-Bw==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-cached: HIT

Redirect headers

age: 4178
content-length: 0
date: Thu, 21 Jul 2022 13:51:02 GMT
location: https://www.walla.co.il/
server: AmazonS3
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-id: eX0oVxzWXGLzIqGuQK9GeDvPzq9l5cU48M0mJqYlwZxIxvv9ubWzpw==
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 129ms
45ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62bd8f903d191dce795d7e7529ebf32b3a9b21a6297db99270e57b6eaccdff10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28354
x-xss-protection: 0
server: sffe
etag: "1279 / 238 of 1000 / last-modified: 1658401751"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Jul 2022 15:00:39 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 146ms
40ms Script
application/x-javascript 2600:9000:223c:a400:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:a400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:03:59 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
age: 7000
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: Q0u_VBfRGH8wD1j49aNOgrRhv58toqM9REmmgIWehWOHaypyodS7SQ==
expires: Thu, 21 Jul 2022 15:03:59 GMT

GET
H2 200 new-logo-mobile.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
965 B 38ms
38ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/new-logo-mobile.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:18 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4461
etag: W/"473-18220f33510"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 1d3-EiIN6b3boWQ4qX7vbtPmCIAffr5NsmbQY-rjGvupJsilzZ0OVA==
x-cached: MISS

GET
H2 200 icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 2 KB
1 KB 37ms
37ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"7ee-18220f33510"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: l_1NZ3iFVbEVW7dRaEzfjJnk-jITypPPGf4jbYibAKD374RYnUaJ6g==
x-cached: MISS

GET
H2 200 icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 464 B
822 B 37ms
37ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4461
etag: W/"1d0-18220f33510"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 464
x-cached: MISS
x-amz-cf-id: 2qkPyqHAO5_MLU4_eogTktrb0mGdGNSMgHsEKxwhj4CfZcy0ZGfJcA==

GET
H2 200 new-logo.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
991 B 37ms
37ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"492-18220f33510"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: IXEZO-8ZvK-UAjXCJgHVlftnX_3OzGtpg3bKfSV5gjL8AXij2D6Eyw==
x-cached: MISS

GET
H2 200 yad2.png
www.walla.co.il/public/assets/icons/ 1 KB
1 KB 37ms
37ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/yad2.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"488-18220f33510"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 1160
x-cached: MISS
x-amz-cf-id: 31GiJzagPsQXh11XK-lv451lKLxVKxsqoOJH4UxfTLLjfB8RJF8rjw==

GET
H2 200 103fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 895 B
1 KB 37ms
37ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/103fm.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e28df0d1ecf0a67bfe7db32c3aafada6f839721734581e6a36cd5a5fcdf55fdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:18 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4461
etag: W/"37f-18220f33510"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 895
x-cached: MISS
x-amz-cf-id: l9KVEztZsRY97-bH4AgQlcxKOFEJt24iW4J_QNS6PCkmfkLBMx_H6g==

GET
H2 200 99fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 933 B
1 KB 38ms
37ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/99fm.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3008b4354e1b60f29f320cfa65b9725167ad632656392673a4785d836bf3f14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:18 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4461
etag: W/"3a5-18220f33510"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 933
x-cached: MISS
x-amz-cf-id: 6VdJawQmZ-P6j48VqZVVNXfjQ2JKa_9rrqyI8PxWlFKe_D4NBCn4VA==

GET
H2 200 3290903-46.png
images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/2/9/0/ 7 KB
8 KB 129ms
42ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/2/9/0/3290903-46.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 93f4c8c43ab35418ebde3ee110ceec788e03d6b90a250ab01d84daffb5892e48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 04:54:22 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 36377
edge-cache-tag: 266630752751827266064544189755700403331,134119208106065605577453037400131398643,d2bce9e04f88d43dd8350e859c701704
cache-tag: 266630752751827266064544189755700403331,134119208106065605577453037400131398643,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 7483
x-request-id: eb533d5be97f106fd701b786480e39c2
x-served-by: cache-iad-kiad7000122-IAD
last-modified: Thu, 21 Jul 2022 04:54:23 GMT
server: cloudinary
x-timer: S1658379262.160037,VS0,VE725
etag: "cc3073a6adc314e4f9aac402c22f3d97"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: i6wbWNN2ydFotLsl5SEfKM255ygLGOrB9AAY1c-nMTAJnAT8zj3qzA==
x-cache-hits: 0

GET
H2 200 3403643-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/0/3/ 2 KB
3 KB 126ms
44ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/0/3/3403643-46.jpeg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 4bed57664774b94062768bcd69000a77972308c60e1abab556ec44430db43bde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 04:54:23 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 36376
edge-cache-tag: 247998387347212588019629173717594149125,306203375693801197655716570686984313563,d2bce9e04f88d43dd8350e859c701704
cache-tag: 247998387347212588019629173717594149125,306203375693801197655716570686984313563,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 2334
x-request-id: f6f8fb679d43bc41e56f4aa0f8b60887
x-served-by: cache-iad-kiad7000162-IAD
last-modified: Thu, 21 Jul 2022 04:54:24 GMT
server: cloudinary
x-timer: S1658379262.276877,VS0,VE742
etag: "5984fc71c93de4dfb54cbcce2d9d918a"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: DL4djretq3z-KQ530RcsrrK0IA4xIwUccKYcvy6QWsrk_-OwFSzZxQ==
x-cache-hits: 0

GET
H2 200 2996865-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/9/9/6/ 2 KB
3 KB 109ms
48ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/9/9/6/2996865-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: cd9cf15ee83092e5028e20a2d35597203528fd3e56ac27636b97e39e5fca02b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 04:24:02 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 124596
edge-cache-tag: 169049671291686628741114834761647337608,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 169049671291686628741114834761647337608,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 2193
x-request-id: 97386eab49c6a3cfc7b5b26284de7541
x-served-by: cache-iad-kiad7000124-IAD
last-modified: Wed, 20 Jul 2022 04:24:03 GMT
server: cloudinary
x-timer: S1658291041.873582,VS0,VE2126
etag: "e22b4632b7a8efe48974b66e81051ca1"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: c217fszNI-lxAd25HWi8tPFtu3QbDUGDEzZHmM1Mke4BR4medHDrlQ==
x-cache-hits: 0

GET
H2 200 3315097-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/3/1/5/ 4 KB
5 KB 107ms
47ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/3/1/5/3315097-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 05b8108f6a09aba29cf7a87316797093cf922bde8f9880e7414793c761b98936

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 09:23:31 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 1402628
edge-cache-tag: 119195674468759028470984493825608972791,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 119195674468759028470984493825608972791,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 4233
x-served-by: cache-iad-kjyo7100046-IAD
last-modified: Wed, 01 Jun 2022 10:21:58 GMT
server: cloudinary
x-timer: S1657013012.525347,VS0,VE1
etag: "fce5f66160d266aa8eada150c4cb090f"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: D-617l7l2tWg6AOWumDKkjTGi7xQQVkqHNeVPs7sacHRxQe4QVuHmg==
x-cache-hits: 1

GET
H2 200 wallashops_logo.png
www.walla.co.il/public/assets/icons/homepage/ 5 KB
5 KB 40ms
38ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage/wallashops_logo.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e7d98427ffa023f8246a0cdccf386c034f6006c5a32f7d16398c8a588b2950c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"125f-18220f33510"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 4703
x-cached: MISS
x-amz-cf-id: 4K1-dNzMtX-vaNOhzhSnjW-5vaTW4MBXvgVkBx8zN8nh4mMFNM2I6A==

GET
H2 200 mishpati.png
www.walla.co.il/public/assets/icons/homepage/ 4 KB
4 KB 41ms
38ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage/mishpati.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 03baca21d7a98bc118436bcb698ecaafefff81373d472afdf259fdfe3f5c1a03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"f8c-18220f33510"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 3980
x-cached: MISS
x-amz-cf-id: V8NdMjEp8WWxvk8YzK4PwCsPiYAADIRrARt1RuA5iuVj25N-f7_Mng==

GET
H2 200 3329203-46.png
img.wcdn.co.il/f_auto,w_66/3/3/2/9/ 732 B
1 KB 129ms
38ms Image
image/png 52.222.214.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,w_66/3/3/2/9/3329203-46.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-80.fra56.r.cloudfront.net
Software: cloudinary /
Resource Hash: de6bf035e9195f0b9f69ddc8a8a0431deaa22504c56412d03dd103beb35ab2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 26 May 2022 09:44:28 GMT
via: 1.1 varnish, 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
age: 4857371
edge-cache-tag: 315444705734958248972687902270172938779,275138840448101508428674266858349850681,d2bce9e04f88d43dd8350e859c701704
cache-tag: 315444705734958248972687902270172938779,275138840448101508428674266858349850681,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 732
x-served-by: cache-iad-kiad7000034-IAD
last-modified: Mon, 03 Jan 2022 09:47:54 GMT
server: cloudinary
x-timer: S1653558268.473317,VS0,VE1
etag: "79624ac971cffa490d9827a952393183"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: UxzMJltgYLoclQY1HkU2i3sq5xDKwd20lKMQdUpSUxx5MnNGq3khgg==
x-cache-hits: 1

GET
H2 200 career.jpg
www.walla.co.il/public/assets/icons/homepage/ 3 KB
3 KB 41ms
38ms Image
image/jpeg 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage/career.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: edd4d9c515c398baf420a025641816721bdc7f67945144fe15a1058f6c75e667

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"be7-18220f33510"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 3047
x-cached: MISS
x-amz-cf-id: VSaVcdBDKRR-nijGU8bCc8lBNBse8n5cRmEDw4V40eYZOjFjY7FgZQ==

GET
H2 200 mazaltov-logo-new.png
www.walla.co.il/public/assets/icons/homepage/ 2 KB
3 KB 41ms
39ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage/mazaltov-logo-new.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 9c2fff24329f1fe904135f52256900469efd1e77ae3da4b0f528094cd2123e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"9ce-18220f33510"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 2510
x-cached: MISS
x-amz-cf-id: quRQibu32sWHWncJlNa4cZZX_cHix0Xdwr6UamLCE-L6QBXSBupmLA==

GET
H2 200 new-logo-walla-negativ.png
www.walla.co.il/public/assets/icons/ 636 B
991 B 61ms
59ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/new-logo-walla-negativ.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"27c-18220f33510"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 636
x-cached: MISS
x-amz-cf-id: gYRg01YZIn4NwyVLznpk43L5LxA3Q-VRJP3U1PzmWQZ792OU_ICWQw==

GET
H2 200 148_248b4149632420b886ad_248b4149632420b886ad_walla.js Show response
www.walla.co.il/public/ 11 KB
4 KB 41ms
39ms Script
application/javascript 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/148_248b4149632420b886ad_248b4149632420b886ad_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: bdf39a7fddcfb048c35c871282ce0f1de7866e18be3cf1353da9262b509fa0e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 13:32:07 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"2b34-18220f55bd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: jPfQP8k7hGjI9uBMHz5ifYDukEIJWsKGFH0TipCfglRbfjsIXSbNcQ==
x-cached: MISS

GET
H2 200 218_ecead03b6da4e81fa118_ecead03b6da4e81fa118_walla.js Show response
www.walla.co.il/public/ 307 KB
100 KB 62ms
60ms Script
application/javascript 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/218_ecead03b6da4e81fa118_ecead03b6da4e81fa118_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: ebe404ff7f3ac7c25c55e4d8459d5fb7d1084de6f770852251235eaa52556d77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 13:32:07 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"4cc3c-18220f55bd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: KqUFS8vxZBkJrIjoiZ2PerjEGGwYtUfPtGKmR5SySZlXXlDHJBh5VQ==
x-cached: MISS

GET
H2 200 main_d565d4d0084d58c3fa7c_d565d4d0084d58c3fa7c_walla.js Show response
www.walla.co.il/public/ 1 MB
247 KB 42ms
40ms Script
application/javascript 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/main_d565d4d0084d58c3fa7c_d565d4d0084d58c3fa7c_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 0000a576797e8ba6510bb9e6c7248d1d29807caae4780a7ac61cbd56754572f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 13:32:07 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"10f722-18220f55bd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 1TPDBnTT55m2klS5d2uJAmIXM8gWEtgVorDpXWDQHIsdyv8N5N8ovQ==
x-cached: MISS

GET
H2 200 homepage_928450787428e69425db_928450787428e69425db_walla.js Show response
www.walla.co.il/public/ 240 KB
51 KB 62ms
61ms Script
application/javascript 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/homepage_928450787428e69425db_928450787428e69425db_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: d8958861692d6ba7c37409c269789eb24b3ece3e8ad8fdaa36ca44e19925af99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 13:32:07 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"3c067-18220f55bd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: RocVWHwD6B8m9PP_THdaPIoNUTIbAsQpJ-Bf5R6caNfAK4wtwhEIeQ==
x-cached: MISS

GET
H2 200 pubads_impl_2022071801.js Show response
securepubads.g.doubleclick.net/gpt/ 377 KB
129 KB 124ms
40ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js?cb=31068544

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f761aab3bf051efa97b8361efb44ec6aeab54bbdd9605bf673c401164fc9a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 21 Jul 2022 09:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131644
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 08:35:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 21 Jul 2023 09:41:50 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 905 B
933 B 129ms
46ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.walla.co.il

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9f6af34cbf74347cc35ce04835485b5d4bb48bb961134c12396d8ff30d65821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 296
x-xss-protection: 0
expires: Thu, 21 Jul 2022 15:00:39 GMT

GET
H/1.1 200
OK walla-v2-prod.js Show response
cdn.valuad.cloud/hb/ 964 KB
263 KB 206ms
59ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

b15e14f83263ed7eefc1d9e17d95dbf691ed652af5ebfc451b9523d71e0f942c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 15:00:40 GMT
Content-Encoding: gzip
Connection: Keep-Alive
Last-Modified: Tue, 19 Jul 2022 07:53:53 GMT
x-amz-request-id: tx00000000000003ffa7197-0062d93fd9-280ab81f-fra1a
etag: "7ea4f54b179c7c564e341bace28bca32"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1658415639.dop016.fr8.t,1658415639.cds055.fr8.shn,1658415640.dop016.fr8.t,1658415640.cds288.fr8.c
Content-Type: application/javascript
cache-control: public, max-age=86400
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 269147

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 384 KB
76 KB 200ms
116ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a21257ad24dfde51a859043834b9c300e91f75d9df1cefbc0d15446c1fedc4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:39 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77372
x-xss-protection: 0
expires: Thu, 21 Jul 2022 15:00:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 476 KB
69 KB 131ms
47ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0ee015b43227686db9a781169833156cadfacf211ee0689cafa5c192c447e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:39 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69982
x-xss-protection: 0
expires: Thu, 21 Jul 2022 15:00:39 GMT

GET
H2 200 wallawb.js Show response
cf.dxmcdn.com/dta/ 4 KB
2 KB 138ms
39ms Script
application/javascript 2600:9000:2240:e00:11:da61:a100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.dxmcdn.com/dta/wallawb.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:e00:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: qZmD6iSiSNKopHEgv3XRn4Et4epkBb1Z
content-encoding: gzip
last-modified: Sun, 29 May 2022 13:46:35 GMT
server: AmazonS3
age: 42638
etag: W/"c6a8b1a7ee5ce83efe089c14c99eefad"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
date: Thu, 21 Jul 2022 03:10:43 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: aFgLmdWJevWGhq7WqMkyJdRi0yEhMOEfUbOKXFIvtTwhqhjQKSycEA==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 44ms
43ms Script
application/x-javascript 2600:9000:223c:a400:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:a400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:51:14 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
age: 565
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 2gQ1sfaXxUydrXYJclGUQHysaPqpDrJIQy5CtSE9lxafPJxJ7VPE1g==
expires: Thu, 21 Jul 2022 16:51:14 GMT

GET
H2 200 google.gif
www.walla.co.il/public/assets/icons/ 1 KB
2 KB 75ms
74ms Image
image/gif 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/google.gif
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"5b6-18220f33510"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 1462
x-cached: MISS
x-amz-cf-id: SfqSbxj3P-dx906KtCHSvWilshKsFta52LLLnidDbgpptW8mojJH_Q==

GET
H2 200 icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 743 B
1 KB 81ms
80ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"2e7-18220f33510"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 743
x-cached: MISS
x-amz-cf-id: Ja37UzS4PYX8R55W_xUOCBGFQLO-qLWpf1T5gYgUvRS_CgWeVBzGvQ==

GET
H2 200 icon-gift.svg
www.walla.co.il/public/assets/icons/ 2 KB
1 KB 77ms
76ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-gift.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e95400057dd7ae4a125105d074c3fe47e9d4a9ed6ba9d66eef4fedca0ba376f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"723-18220f33510"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: NN5QOWH0_NFZ-pZgpPLmHZPR9jDGWDoOvDWjwZlEgI4Fv7Yyy8_kbA==
x-cached: MISS

GET
H2 200 icon-wather.svg
www.walla.co.il/public/assets/icons/ 2 KB
1 KB 80ms
79ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"85c-18220f33510"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: eq7yJubyVPIA_HjtTqYD1Q0wDvwMrgtEekWywvmUAMliDKoaiogoIw==
x-cached: MISS

GET
H2 200 icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
1 KB 77ms
77ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"5f6-18220f33510"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: ErkW-NmNMeQXVlHbkur9tqKUbNRA0AFAeP9_6wTyHk2ZEDb6-dDI2A==
x-cached: MISS

GET
H2 200 almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 58 KB
59 KB 75ms
75ms Font
font/woff 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"e954-18220f33510"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 59732
x-cached: MISS
x-amz-cf-id: wbhOAOJgOVlXtVbTYK5l4hYuLGt5FqtzpCqOfZeWu7j63Ci5Kly9Jg==

GET
H2 200 smoplotag_hp.html Show response
www.walla.co.il/public/ads/ Frame B180 5 KB
2 KB 59ms
59ms Document
text/html 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/ads/smoplotag_hp.html?nocache=1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 993218cea406315804949bf9d90d6ae36d18e0f992da19985ad3887191383305

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4462
cache-control: public, max-age=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 13:46:17 GMT
etag: W/"14ba-18220f33510"
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
vary: Accept-Encoding
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
x-amz-cf-id: zvA55m-UYek-Wr18q8Ucmwfz8q6GaO_baxwOd7RTcBFsawOxrB1jaA==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-cached: MISS

GET
H2 200 smoplotag_hp.html Show response
www.walla.co.il/public/ads/ Frame 4E03 5 KB
2 KB 57ms
57ms Document
text/html 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/ads/smoplotag_hp.html?nocache=1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 993218cea406315804949bf9d90d6ae36d18e0f992da19985ad3887191383305

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4462
cache-control: public, max-age=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 13:46:17 GMT
etag: W/"14ba-18220f33510"
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
vary: Accept-Encoding
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
x-amz-cf-id: 3nzA50i13Ygq_kpWGUZecb6R8lUKee4rd9em5hvyeP9tfTSGP7_K9Q==
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
x-cached: MISS

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 203 KB
70 KB 143ms
38ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a47f2a80814067dfc9c9034230138f02b41c1aec66be654d0eb61b51b85e00f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:39 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 13:44:28 GMT
etag: "15-cH+pI3XN2UhXOS9pByhz3TGJt9k"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 9f68532b6bade3a2fd0f50b1907d6c4a
timing-allow-origin: *, *
content-length: 71616

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 6 KB
2 KB 151ms
38ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3eb3bbe4f10ce8bffac775c7be32e01dda33aad8cf6e22312773786936145c34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:40 GMT
content-encoding: gzip
x-cache-hits: 1
age: 392
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1242
x-served-by: cache-ams21065-AMS
access-control-allow-origin: *
x-timer: S1658415640.005237,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Tue, 19 Jul 2022 14:54:07 GMT

GET
H2 206 3412355-46.mp4
images.wcdn.co.il/q_auto,w_700,t_54/3/4/1/2/ 2 MB
2 MB 75ms
75ms Media
video/mp4 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.wcdn.co.il/q_auto,w_700,t_54/3/4/1/2/3412355-46.mp4
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: c7fab74e52b282fb11b3fcaf6eecbc97ca77d4def42d60307431df8644fc672b

Request headers

Referer: https://www.walla.co.il/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 21 Jul 2022 13:22:13 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 5906
edge-cache-tag: 275312491208917376529330783362073292827,292835170494430563060850067344775541485,d2bce9e04f88d43dd8350e859c701704
cache-tag: 275312491208917376529330783362073292827,292835170494430563060850067344775541485,d2bce9e04f88d43dd8350e859c701704
status: 206 Partial Content
x-cache: Hit from cloudfront
Content-Length: 1735419
x-request-id: 3a03dee5477e3fe35e97c631c4a141a4
x-ua-compatible: IE=Edge,chrome=1
Content-Range: bytes 0-1735418/1735419
last-modified: Thu, 21 Jul 2022 13:22:01 GMT
server: cloudinary
x-timer: S1658409734.858112,VS0,VE1
etag: "735e8080920fd6049a234d4361392047"
x-served-by: cache-lga21949-LGA
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: y5kD3ZgvbzGXN37uV86yy3vWlxz3YdPyCbDjdJ9hNjwPaOQChe-vOw==
x-cache-hits: 1

GET
H2 200 arrow-forward.svg
www.walla.co.il/public/assets/homepage2/ 475 B
843 B 45ms
45ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/arrow-forward.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 00df84c0176ae68719671b3cf670d45da854c8e4b092eb72eb0b36f6737ae111

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:18 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4461
etag: W/"1db-18220f33510"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 475
x-cached: MISS
x-amz-cf-id: ByGjqSyybXnraSWBsRkTgK66NmwH5oIrbDsK0RPq8NZH42Eo5qR0wA==

GET
H2 200 magazine-blue.svg
www.walla.co.il/public/assets/homepage2/ 9 KB
4 KB 42ms
42ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/magazine-blue.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: b6e94550997c4e312df073085fa16ca99d92ada4576cc0376b4c00e3aeb856d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:29 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4450
etag: W/"2230-18220f33510"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: TvT1d9VVO96c64SenMSsagxg7ZZE31h2qHTUF351GwziNaii7ukdXQ==
x-cached: MISS

GET
H2 200 play103fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 409 B
776 B 42ms
41ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/play103fm.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: f20eeef8fb712ad2bf5e21dfe5944ab2b62010e44ffa8f79a3bfa354973ab517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:18 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4461
etag: W/"199-18220f33510"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 409
x-cached: MISS
x-amz-cf-id: 7qGmsGcQgYJgpWN_jvtWERonarqTM9yXEo56tsEXX-RZ7n9GgqQl7w==

GET
H2 200 play99fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 409 B
776 B 42ms
41ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/play99fm.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e5bf77a4605d9bb4c0ecfc1127ab95009dc2fa6ec763418424cf36f523db8e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:18 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4461
etag: W/"199-18220f33510"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 409
x-cached: MISS
x-amz-cf-id: gzqFdFeaLtfOSWY6KZopdB6DecH0Wvg44R_9ur2fmDWxRnnPFDPCJg==

GET
H2 200 walla-sprite.svg
www.walla.co.il/public/assets/icons/ 19 KB
6 KB 41ms
41ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/walla-sprite.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:18 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4461
etag: W/"4a05-18220f33510"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: sF10K07CkJCGRZnVdNu3Hgcu9g2C0yqeRcSZwnkninYSdAgWXAbSQw==
x-cached: MISS

GET
H2 200 icons-play-live.svg
www.walla.co.il/public/assets/icons/ 298 B
656 B 37ms
37ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icons-play-live.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e8edb024e688dad4a4dbb15cc90e7cbcae1f1426f34ddb2c22523625f46aafde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:18 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4461
etag: W/"12a-18220f33510"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 298
x-cached: MISS
x-amz-cf-id: mFUfYPJsuLEHI2aNEud1ELdtG2GXOIi4gmFo_F_r8wpx8tC3DmJIfA==

GET
H2 200 wallaicons.woff
www.walla.co.il/public/font/fonticon/ 15 KB
15 KB 39ms
37ms Font
font/woff 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"3bdc-18220f33510"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 15324
x-cached: MISS
x-amz-cf-id: OKZaLCdD32nLUbS6crSM3rgoVyBymth_OZlEzj6HqBis4MYv52FVig==

GET
H2 200 almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 58 KB
58 KB 40ms
38ms Font
font/woff 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"e7c0-18220f33510"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 59328
x-cached: MISS
x-amz-cf-id: ZscqdpjqyD-Aqki3BDKe-wQmvsinSe0cpJ4TDdtamnVjb_NiYZeW7A==

GET
H2 200 almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 59 KB
59 KB 40ms
39ms Font
font/woff 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"ea00-18220f33510"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 59904
x-cached: MISS
x-amz-cf-id: idY2Dq2Vbi9vSFnTvKhMhkm-8kyLexPpsdRahjHMfj-3GEsc83rTng==

GET
H2 200 new-tag.min.js Show response
cdn.somplo.com/prod/test/251119/ Frame B180 35 KB
35 KB 133ms
37ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.somplo.com/prod/test/251119/new-tag.min.js?cb=8
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/ads/smoplotag_hp.html?nocache=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 61539205d56624d72efb22ae6dc279637588ba1c0f5725047d1767126ea0130b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-id: am3-up-gc89, fr5-up-gc37
date: Thu, 21 Jul 2022 15:00:40 GMT
via: 1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
content-length: 35520
last-modified: Mon, 28 Mar 2022 08:10:45 GMT
server: nginx
etag: "1ae62b0367e3f6f7d0418c15050b13e5"
vary: Accept-Encoding, Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=345600
cache: HIT, HIT
accept-ranges: bytes
x-cached-since: 2022-04-12T11:28:58+00:00, 2022-07-21T11:57:02+00:00
x-amz-cf-id: 7n18-kRoaPNkCCYdUi7tlIFJ1Jp08-anP_AlamfFjl0aCwDVFisIDQ==
expires: Mon, 25 Jul 2022 15:00:40 GMT

GET
H2 200 new-tag.min.js Show response
cdn.somplo.com/prod/test/251119/ Frame 4E03 35 KB
35 KB 167ms
74ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.somplo.com/prod/test/251119/new-tag.min.js?cb=8
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/ads/smoplotag_hp.html?nocache=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 61539205d56624d72efb22ae6dc279637588ba1c0f5725047d1767126ea0130b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-id: am3-up-gc89, fr5-up-gc37
date: Thu, 21 Jul 2022 15:00:40 GMT
via: 1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
content-length: 35520
last-modified: Mon, 28 Mar 2022 08:10:45 GMT
server: nginx
etag: "1ae62b0367e3f6f7d0418c15050b13e5"
vary: Accept-Encoding, Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=345600
cache: HIT, HIT
accept-ranges: bytes
x-cached-since: 2022-04-12T11:28:58+00:00, 2022-07-21T11:57:02+00:00
x-amz-cf-id: 7n18-kRoaPNkCCYdUi7tlIFJ1Jp08-anP_AlamfFjl0aCwDVFisIDQ==
expires: Mon, 25 Jul 2022 15:00:40 GMT

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 379ms
124ms Image
image/gif 35.175.55.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=oqgxOCdDIKfDmfN4y&c=0&V=136&x=YX8yIjRzAyvBn&v=B&ml=m&sl=DmdSFq&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.55.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-55-208.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:40 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 380ms
124ms Image
image/gif 35.175.55.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=oqgxOCdDIKfDmfN4y&c=0&V=136&x=3bGAQbYIHPl1G&v=A&ml=m&sl=qSbSH&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.55.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-55-208.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:40 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
201 B 378ms
123ms Image
image/gif 35.175.55.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=oqgxOCdDIKfDmfN4y&c=0&V=136&x=qUUhWSHdZWlUt&v=A&ml=m&sl=suH5-,suH5-&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.55.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-55-208.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:40 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 499ms
244ms Image
image/gif 35.175.55.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=oqgxOCdDIKfDmfN4y&c=0&V=136&x=NAHg78MlnPgeg&v=A&ml=m&sl=CXBWkt&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.55.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-55-208.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:40 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 378ms
123ms Image
image/gif 35.175.55.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=oqgxOCdDIKfDmfN4y&c=0&V=136&x=AkVp3Yjd2Smki&v=B&ml=m&sl=DeeayK,DeeayK&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.55.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-55-208.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:40 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 498ms
243ms Image
image/gif 35.175.55.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=oqgxOCdDIKfDmfN4y&c=0&V=136&me=3&ml=m&x=uncLLpvvLdbrS
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.55.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-55-208.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:40 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 379ms
124ms Image
image/gif 35.175.55.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=oqgxOCdDIKfDmfN4y&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10393&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1225&t=BEMyDva4nPDnrk8DHadpMCLRNai&V=136&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&tz=0&sn=1&sv=DcgQmADfwGQkID8dKC0LuzIBbi3BK&sd=1&im=067b2fff&_
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.55.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-55-208.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:40 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 391_d0a39e2fd64a80b00db2_d0a39e2fd64a80b00db2_walla.js Show response
www.walla.co.il/public/ 121 KB
36 KB 38ms
38ms Script
application/javascript 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/391_d0a39e2fd64a80b00db2_d0a39e2fd64a80b00db2_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_d565d4d0084d58c3fa7c_d565d4d0084d58c3fa7c_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 9a4274142fd080ea0f59f10122d71f16e9e704d7b5d22ba4abdd03337a44a20c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 13:32:07 GMT
server: openresty/1.15.8.1
age: 4463
etag: W/"1e5b3-18220f55bd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: Dm7eP4IG5eZCI6WiDcf15toGf4gfjyo-lQRxanK4GsSCYWl19fGlcg==
x-cached: MISS

GET
H2 200 PikudInner_8c1991b5dc442b6a04da_8c1991b5dc442b6a04da_walla.js Show response
www.walla.co.il/public/ 3 KB
2 KB 38ms
37ms Script
application/javascript 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/PikudInner_8c1991b5dc442b6a04da_8c1991b5dc442b6a04da_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_d565d4d0084d58c3fa7c_d565d4d0084d58c3fa7c_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: c6163b79541e39dee513e65dbe9879c888d980c1884cce20d2ce25f225542320

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 13:32:07 GMT
server: openresty/1.15.8.1
age: 4463
etag: W/"cfc-18220f55bd8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: Y77K84D9SpNQFfNoX-jsE9WfsxTNJxz_fHjRuKSoSQYL1eLAIUnSBA==
x-cached: MISS

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 46ms
46ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/public/218_ecead03b6da4e81fa118_ecead03b6da4e81fa118_walla.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89d6c6128bbf90670cc4663c0fa9df73ddc4846d2a5bc9bb3a5f71c7f72b75cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28308
x-xss-protection: 0
server: sffe
etag: "1279 / 197 of 1000 / last-modified: 1658401751"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Jul 2022 15:00:40 GMT

GET
H2 200 yomHameshi.svg
www.walla.co.il/public/assets/homepage2/ 7 KB
2 KB 40ms
37ms Image
image/svg+xml 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/yomHameshi.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: b5692754567d3c753ef5ce6d233b4e985c03278874536a75b42ddd54fe8aad69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4462
etag: W/"1ac9-18220f33510"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: M4xOg2_fFnZnvXrV54ubPggvXEQ4gbGjewon91I6OXy5CKYGS2l18w==
x-cached: MISS

GET
H2 200 close.png
www.walla.co.il/public/assets/ads/ 1 KB
1 KB 40ms
37ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/ads/close.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4463
etag: W/"46c-18220f33510"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 1132
x-cached: MISS
x-amz-cf-id: 0X8XLfUrGQyRVNzbwimsoDHoeo6Z_cF-1uRZi1EFriTnKMS99dqfFw==

GET
H2 200 3396166-46.png
images.wcdn.co.il//3/3/9/6/ 8 KB
8 KB 43ms
40ms Image
image/png 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il//3/3/9/6/3396166-46.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: c754a025cf0832d8187f0d206f2a49170354338368d134568be9fe62a22e39ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 11:16:48 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 3815032
edge-cache-tag: 305275855198156367470870806952093685290,d2bce9e04f88d43dd8350e859c701704
cache-tag: 305275855198156367470870806952093685290,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 7985
x-served-by: cache-iad-kiad7000071-IAD
last-modified: Tue, 07 Jun 2022 11:16:02 GMT
server: cloudinary
x-timer: S1654600608.458335,VS0,VE30
etag: "0a115c88950798050ecf99d1b6abc446"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: TtgLZdL1LYSZTRgM33usJzPfjNldyNBwmrQP5pCbjmKjGXbuRu7dqQ==
x-cache-hits: 0

GET
H2 200 3410029-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_400,t_18/3/4/1/0/ 11 KB
12 KB 51ms
48ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_400,t_18/3/4/1/0/3410029-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: d5ef5e3d160799fe5daadad27878c50e7c394e8c630a0c7b1058b6fc30aefa77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:40:09 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 1233
edge-cache-tag: 285864854404221941811931035245392430536,381573010157131071558488767622808407530,d2bce9e04f88d43dd8350e859c701704
cache-tag: 285864854404221941811931035245392430536,381573010157131071558488767622808407530,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 11313
x-request-id: b36eccc25a29b874b191ddfa74e1d8b4
x-served-by: cache-iad-kjyo7100156-IAD
last-modified: Thu, 21 Jul 2022 14:40:08 GMT
server: cloudinary
x-timer: S1658414408.319043,VS0,VE1117
etag: "1f942cfeb09f624ee754d00b4c10dd41"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 92zG24lOUPxqNQ8a9ycB9cqm0spE4ivl64fk0g2OncWDScRbCB_6sw==
x-cache-hits: 0

GET
H2 200 3411276-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/1/1/ 8 KB
9 KB 52ms
50ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/1/1/3411276-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 2aeae71738eb06d33f782e99218acc63d0e874a29d57a8400e419f3230bce7c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:40:08 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 1231
edge-cache-tag: 383192772603619916990029125838261882249,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
cache-tag: 383192772603619916990029125838261882249,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 8681
x-request-id: db4b694fc20adbaf82916759f6e60d8b
x-served-by: cache-iad-kiad7000050-IAD
last-modified: Thu, 21 Jul 2022 14:40:09 GMT
server: cloudinary
x-timer: S1658414407.590677,VS0,VE2387
etag: "f989ae8b704a5cc57a81e799eb7bda7c"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: ZNHEVltNRRn513dMfab7CjZSBQn5HbX2SADOZqgFMr5kN-g1v8Xn7A==
x-cache-hits: 0

GET
H2 200 3409053-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/0/9/ 14 KB
14 KB 55ms
52ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/0/9/3409053-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: c643213396e6c22c246297864a35b20544e7643bc40fe93a15a621848a14399f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:40:08 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 1232
edge-cache-tag: 283635793931017423515982533143705625147,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
cache-tag: 283635793931017423515982533143705625147,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 13929
x-request-id: 81e4cb54ed1be80f78de8c7c62c15592
x-served-by: cache-iad-kiad7000093-IAD
last-modified: Thu, 21 Jul 2022 14:40:09 GMT
server: cloudinary
x-timer: S1658414407.594245,VS0,VE1895
etag: "de3e1d0d0f7ed3dff0aaeb96e1aa3543"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: pPKLoVJPdm_cAi1UPHoe1sBeBQCn6MrEFjPriM4i8ygTHA4_jMzS3A==
x-cache-hits: 0

GET
H2 200 3408489-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/0/8/ 9 KB
10 KB 43ms
41ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/0/8/3408489-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 1afaa05825e8a0534d3793aca37e25b6d14bbba5e5fefdf31e07a6b280154ac6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:40:08 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 1231
edge-cache-tag: 249737412472193717379663418442192474519,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
cache-tag: 249737412472193717379663418442192474519,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 9035
x-request-id: badc5b590aa404ebe6f7c7b674218fad
x-served-by: cache-iad-kiad7000054-IAD
last-modified: Thu, 21 Jul 2022 14:40:09 GMT
server: cloudinary
x-timer: S1658414407.762193,VS0,VE2195
etag: "3d54519dd28130cd2572e99a98a152b3"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: ukkekhQkG30U8wVCtSFdhJFzykPsWt08hDqFcCYESBlliRx_EK2pyQ==
x-cache-hits: 0

GET
H2 200 3412290-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/1/2/ 12 KB
13 KB 46ms
44ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/1/2/3412290-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 6f8a4206e34e9664bd9d8af5562514d649fbc248e4f007561236cda2ce87ae18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:40:08 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 1232
edge-cache-tag: 291314032894891709924737566964446818084,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
cache-tag: 291314032894891709924737566964446818084,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 12214
x-request-id: ac31129d2b2cd42cf91110d9d2cd4e43
x-served-by: cache-iad-kiad7000170-IAD
last-modified: Thu, 21 Jul 2022 14:40:09 GMT
server: cloudinary
x-timer: S1658414407.764295,VS0,VE2127
etag: "9c4c4b982dc108dc9fe80ea202da0d4a"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: ZDEg6p_mx6vgpKVxmF-OdI-MrVvlPCtXZbjk7UrzUt9xjjbCNOlIwg==
x-cache-hits: 0

GET
H2 200 3412072-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/1/2/ 7 KB
7 KB 46ms
45ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/1/2/3412072-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: c816c4e8df1815e0a1e169e3ad3ddc0fd61ab330fa78616b3b8c73e928dc4857

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 00:14:45 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 53155
edge-cache-tag: 257478756056906309807445882737684747681,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 257478756056906309807445882737684747681,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 6913
x-request-id: 0bae730ad050ecd096577c61d0f7598c
x-served-by: cache-iad-kjyo7100170-IAD
last-modified: Thu, 21 Jul 2022 00:14:46 GMT
server: cloudinary
x-timer: S1658362481.484012,VS0,VE4132
etag: "5b9106d04da13643f7573061cae59155"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: MLpcBllFIUB7xDlxWb_-Ry_PV4kRWP0i0CbrR_SuIIVxtz4ZTaXSPg==
x-cache-hits: 0

GET
H2 200 3344389-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/3/4/4/ 5 KB
6 KB 48ms
46ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/3/4/4/3344389-46.jpeg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 5a123f0309c1bd67a467e3e2e1652ebd1f69749c5d48fdb15a03fce2c3fc4f01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 08:15:01 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 11947539
edge-cache-tag: 259451210397643629279469005266957894779,418564181582767519421549110210876597074,d2bce9e04f88d43dd8350e859c701704
cache-tag: 259451210397643629279469005266957894779,418564181582767519421549110210876597074,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 5290
x-served-by: cache-wdc5537-WDC
last-modified: Mon, 07 Feb 2022 15:12:03 GMT
server: cloudinary
x-timer: S1646468102.698238,VS0,VE1
etag: "057e11905921c10022f5182eba9cf18e"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: sU8rNihKBvi0ZfzOThg543dEJa5QrIlMkeIucGWw1bpoinFWcDHG8g==
x-cache-hits: 1

GET
H2 200 3411098-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/1/1/ 2 KB
3 KB 48ms
47ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/1/1/3411098-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: e625f156503844e42ec7e4ac9026b49f33c11405fb487d1faa2fdb9062e2b99d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 05:24:12 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 34588
edge-cache-tag: 428672610178264831150371429206849756272,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 428672610178264831150371429206849756272,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 2265
x-request-id: ceef48cbc055ee2f4f4705bf2fc49631
x-served-by: cache-iad-kiad7000176-IAD
last-modified: Wed, 20 Jul 2022 23:33:08 GMT
server: cloudinary
x-timer: S1658381053.644272,VS0,VE1
etag: "e3f477b0f66d73a7fb67ed53806f071f"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: _d6N0iDaLYBbqgGPsAt_umyqodcx2pk3jMvWlqffcyMb03UeSWvz3A==
x-cache-hits: 1

GET
H2 200 3181422-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/8/1/ 2 KB
3 KB 49ms
47ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/8/1/3181422-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: a19eb3f67e6a489ccd9059230889b99512c80a0d915234a21a0b495de8dc5b0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:00:54 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 3027586
edge-cache-tag: 215737703099682237701957666757742446613,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 215737703099682237701957666757742446613,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 2325
x-served-by: cache-iad-kiad7000079-IAD
last-modified: Thu, 06 Jan 2022 15:00:32 GMT
server: cloudinary
x-timer: S1655388055.697293,VS0,VE68
etag: "d120f0588b6b03c60e2b26d8baa018a6"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 0AEo8H0xPGD0fflHI5yb74dYobgEqZK9jFL6gGuGbXzx5_4AmKl8OQ==
x-cache-hits: 0

GET
H2 200 3257814-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/5/7/ 4 KB
4 KB 75ms
74ms Image
image/avif 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/5/7/3257814-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 088cbca83571a9ca068d0cede10541c39245ae3b3ee42a5782065545ce868a76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 15:00:40 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 11750400
edge-cache-tag: 100849633808619424421432673154196013018,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 100849633808619424421432673154196013018,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 3655
x-served-by: cache-bwi5073-BWI
last-modified: Tue, 28 Dec 2021 15:01:11 GMT
server: cloudinary
x-timer: S1646665241.550499,VS0,VE0
etag: "b91ce2f10fca54c567728dadb0259b1d"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: GrhSpwWeoI4SS6DJoekkvhZe-yCRXCFtN-VW1iz4LXlm6ga0NxS-aA==
x-cache-hits: 2

GET
H2 403 bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 0
0 136ms
51ms Script
text/html 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-07-21
Requested by: Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 kahoona-idx-live.js Show response
d2r08ja41ypc0t.cloudfront.net/WALLA/ 13 KB
5 KB 124ms
37ms Script
application/javascript 2600:9000:223e:7000:4:1c73:c740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by: Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7000:4:1c73:c740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54d37b1d8e55538c904d0c26be548aa93c286fa78f78cd1e3793a9d07bf9819a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 11:36:47 GMT
content-encoding: br
last-modified: Mon, 27 Jun 2022 11:25:58 GMT
server: AmazonS3
age: 12233
etag: W/"c3aebce9dd4cb2b70f6efb88aed32c08"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: emw9SetOOS1UJ3o6QvOxdL9AaNxsuhLL
via: 1.1 d04699b52d8873377c4b5f4e7dcf7068.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
content-type: application/javascript
x-amz-cf-id: 6H4Ha0N4ouKAyNvWYacVlw0M6UEKjTXvkAHuLqA38J4yh_wX_EZzew==

GET
H/1.1 200
OK d3d3LndhbGxhLmNvLmls Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 136ms
38ms XHR
application/json 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LndhbGxhLmNvLmls
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 15:00:40 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=35345
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: c4f570243c935ddb9d5071e7b28f1ed7
Content-Length: 16
Expires: Fri, 22 Jul 2022 00:49:45 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 51ms
43ms Image
image/gif 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:40 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Sat, 20 Aug 2022 15:00:40 GMT

GET
H2 206 3412355-46.mp4
images.wcdn.co.il/q_auto,w_700,t_54/3/4/1/2/ 31 KB
32 KB 41ms
40ms Media
video/mp4 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.wcdn.co.il/q_auto,w_700,t_54/3/4/1/2/3412355-46.mp4
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 18fdb8be330112ec73e6dbb8634ae5a9109e745039b934dd8480d68858e58a1a

Request headers

Referer: https://www.walla.co.il/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=1703936-

Response headers

date: Thu, 21 Jul 2022 13:22:13 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 5907
edge-cache-tag: 275312491208917376529330783362073292827,292835170494430563060850067344775541485,d2bce9e04f88d43dd8350e859c701704
cache-tag: 275312491208917376529330783362073292827,292835170494430563060850067344775541485,d2bce9e04f88d43dd8350e859c701704
status: 206 Partial Content
x-cache: Hit from cloudfront
Content-Length: 31483
x-request-id: 3a03dee5477e3fe35e97c631c4a141a4
x-ua-compatible: IE=Edge,chrome=1
Content-Range: bytes 1703936-1735418/1735419
last-modified: Thu, 21 Jul 2022 13:22:01 GMT
server: cloudinary
x-timer: S1658409734.858112,VS0,VE1
etag: "735e8080920fd6049a234d4361392047"
x-served-by: cache-lga21949-LGA
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: BKOxUwsY7qe5cUV6xULl-YKm0NsgjAOat_wTAxHKfUQpXS9I--CFRA==
x-cache-hits: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 117ms
39ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: u/bo9QOJQvE5KVGhv6LfB1GYc8oTtdujH/CPb+9MHKEvvUW49k5IZH4VMt/P+vDaDrdAaEPSmda/MZV1yFpO2A==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 21 Jul 2022 15:00:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 init
hb-dot-valuad.appspot.com/ Frame 0
0 245ms
136ms Preflight
text/html 2a00:1450:4001:827::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-request-id,x-vad-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 21 Jul 2022 15:00:40 GMT
server: Google Frontend
x-cloud-trace-context: b50ba0a70787463cc468d877e30f933e
x-request-id: undefined

POST
H3 200 init Show response
hb-dot-valuad.appspot.com/ 38 B
87 B 214ms
138ms Fetch
application/json 2a00:1450:4001:827::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Accept: application/json
Referer: https://www.walla.co.il/
x-request-id: fbd80931-b358-4af4-ae0a-3eeb6f3067d3
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-vad-version: 0.7.29
Content-Type: application/json

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: gzip
server: Google Frontend
etag: W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
x-cloud-trace-context: 75fa2d78955dec0e45b8b5d98b6f4f65
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64
x-request-id: undefined

GET
H2 200 tag.js Show response
adserve.somplo.com/tag/js/949418949/ Frame B180 38 KB
11 KB 130ms
40ms XHR
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://adserve.somplo.com/tag/js/949418949/tag.js?cd=%%CACHEBUSTER%%
Requested by: Host: cdn.somplo.com
URL: https://cdn.somplo.com/prod/test/251119/new-tag.min.js?cb=8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4d9a00a70e0c56a45278b5e41d86ebc44504ed433f04c83be3affbccf4cab4e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Thu, 21 Jul 2022 15:00:40 GMT
content-encoding: gzip
server: nginx
x-cached-since: 2022-07-21T14:31:03+00:00
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: HIT
expires: Thu, 21 Jul 2022 15:10:40 GMT

GET
H2 200 tag.js Show response
adserve.somplo.com/tag/js/949418949/ Frame 4E03 38 KB
11 KB 132ms
42ms XHR
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://adserve.somplo.com/tag/js/949418949/tag.js?cd=%%CACHEBUSTER%%
Requested by: Host: cdn.somplo.com
URL: https://cdn.somplo.com/prod/test/251119/new-tag.min.js?cb=8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 4d9a00a70e0c56a45278b5e41d86ebc44504ed433f04c83be3affbccf4cab4e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Thu, 21 Jul 2022 15:00:40 GMT
content-encoding: gzip
server: nginx
x-cached-since: 2022-07-21T14:31:03+00:00
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: HIT
expires: Thu, 21 Jul 2022 15:10:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6883
date: Thu, 21 Jul 2022 13:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 21 Jul 2022 15:05:57 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 44 KB
17 KB 140ms
50ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

169654a2040e9f83c46d4cd65600c3dc9db6db042904c22cc97645fb4323c362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17001
x-xss-protection: 0
server: cafe
etag: 6464440653375776403
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 15:00:40 GMT

GET
H2 200 logo.png
www.walla.co.il/public/assets/pikud/ 21 KB
22 KB 37ms
37ms Image
image/png 52.222.236.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/pikud/logo.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-78.fra56.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:46:17 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Jul 2022 13:29:46 GMT
server: openresty/1.15.8.1
age: 4463
etag: W/"558e-18220f33510"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 21902
x-cached: MISS
x-amz-cf-id: Eh_Z3wFii9871u-qe7RdCDqxhU4M_ap1j6sqtXFVioY4CIwJhLumfw==

POST
H2 200 handshakes Show response
khn.crowdad.io/ 0
105 B 166ms
55ms XHR
text/plain 54.72.76.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/handshakes
Requested by: Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.76.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-76-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Thu, 21 Jul 2022 15:00:41 GMT
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 handshakes
khn.crowdad.io/ Frame 0
0 190ms
56ms Preflight 54.72.76.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/handshakes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.76.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-76-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.walla.co.il
content-length: 0
date: Thu, 21 Jul 2022 15:00:41 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 2 KB
1 KB 241ms
151ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=0&rand=41593&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000820&sig=fzcKihyX&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5489286f713baca8f0c99d5f1836d2f1aab8aff8d146c1e53af4a35977edf775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1658415641.083957,VS0,VE113
accept-ranges: bytes
x-served-by: cache-lga13628-LGA, cache-hhn4050-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 965abdfd245ad907f07c66ea0796cfce
content-encoding: gzip
content-length: 1099
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 170717926997655 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 79ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/170717926997655?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

508001d1ef040aed1fd20712894e6998a004591fcb9d996a37311681a3eb02d2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85640
x-xss-protection: 0
pragma: public
x-fb-debug: +wPhdSLr72dSk6IPOBSm23fsBCObPC2Ird2dz01lJ985eZrVRgOcO7eorRPIV9bY0IzsOyoHkh4VA5JMxExE5A==
x-frame-options: DENY
date: Thu, 21 Jul 2022 15:00:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 120ms
44ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2039212197&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2135507019&gjid=379399201&cid=210978062.1658415641&tid=UA-4780630-1&_gid=670591526.1658415641&_r=1&gtm=2wg7i0T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd10=0&cd20=no&cd22=0&cd23=0&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=&cd116=0&z=2138339854

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 3 KB
2 KB 136ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1658415640990&cv=9&fst=1658415640990&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0737f9044484c92586fb5055801cfb759faa786e386d99468d85d1b0327bea5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 143ms
47ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4780630-1&cid=210978062.1658415641&jid=2135507019&gjid=379399201&_gid=670591526.1658415641&_u=YEBAAEAAAAAAAC~&z=2079883811

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Jul 2022 15:00:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/964224610/ 42 B
548 B 133ms
48ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/964224610/?random=1658415640990&cv=9&fst=1658415600000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=443732081&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/964224610/ 42 B
548 B 136ms
52ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/964224610/?random=1658415640990&cv=9&fst=1658415600000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=443732081&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1616785908557850 Show response
connect.facebook.net/signals/config/ 291 KB
84 KB 38ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1616785908557850?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aae5162adef7d4c56c9200ed73b45eaa0bb52827aa84145518a2a530d77f311a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85604
x-xss-protection: 0
pragma: public
x-fb-debug: uwajQH4/etOF0mdhzg5ivgVx6ss3Nnocd6Mburwdrr+5IwaqBG0NrjSi9TJGHqOljTa23BAclZi9pnYSDKjkMg==
x-frame-options: DENY
date: Thu, 21 Jul 2022 15:00:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 116ms
39ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1658415641151&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.2.1658415641150.1105444485&it=1658415640978&coo=false&exp=u0&rqm=GET

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 21 Jul 2022 15:00:41 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 62ms
39ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1658415641206&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.2.1658415641150.1105444485&it=1658415640978&coo=false&exp=u0&rqm=GET

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 21 Jul 2022 15:00:41 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 500ms
122ms Fetch
text/plain 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=f05da31ff0d4d980bfc0a31cd4d1d7fa_1769_1658415641142&tm=552&eT=6&wRV=2000820&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: gzip
X-TraceId: 22683ce4afb860c900f22be8072f4970
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
odb.outbrain.com/utils/ 21 KB
7 KB 307ms
307ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=1&rand=53477&key=NANOWDGT01&widgetJSId=HPP&va=true&et=true&format=html&t=ZjA1ZGEzMWZmMGQ0ZDk4MGJmYzBhMzFjZDRkMWQ3ZmE=&adblck=false&abwl=false&px=209&py=1265&vpd=65&cw=282&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000820&sig=fzcKihyX&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 415df2c6aa40a8836c2d0d0e47ec93a9fd53841d268cf9bf3fe97be930586e6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1658415641.240704,VS0,VE271
accept-ranges: bytes
x-served-by: cache-lga21933-LGA, cache-hhn4050-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 7880c79673aba562a4ed17987c5f75db
content-encoding: gzip
content-length: 6948
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 62ms
62ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4780630-1&cid=210978062.1658415641&jid=2135507019&_u=YEBAAEAAAAAAAC~&z=161087434

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 61ms
61ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4780630-1&cid=210978062.1658415641&jid=2135507019&_u=YEBAAEAAAAAAAC~&z=161087434

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 38ms
37ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Sat, 20 Aug 2022 15:00:41 GMT

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 13 KB
14 KB 40ms
40ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "af7be0711fb1cf2f41bb793256c8f148:1656855972.876614"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13687
expires: Sat, 20 Aug 2022 15:00:41 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 306ms
124ms Fetch
text/plain 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=74b1f5bedb1247a6efa244d09001db0b_1769_1658415641445&tm=869&eT=0&widgetWidth=282&widgetHeight=263&widgetX=209&widgetY=1274&wRV=2000820&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=312&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: gzip
X-TraceId: 7bac4f9f78842f685d1ba75c9f27d0cc
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
odb.outbrain.com/utils/ 32 KB
12 KB 249ms
249ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=2&rand=44401&key=NANOWDGT01&widgetJSId=HPC_2&va=true&et=true&format=html&t=ZjA1ZGEzMWZmMGQ0ZDk4MGJmYzBhMzFjZDRkMWQ3ZmE=&adblck=false&abwl=false&px=535&py=4012&vpd=2812&cw=865&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000820&sig=fzcKihyX&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fbb6e8750ab278deb47402298f629ef317bd4f4fa79411cf386af3839aabd544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1658415642.557134,VS0,VE212
accept-ranges: bytes
x-served-by: cache-lga13625-LGA, cache-hhn4050-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: a4446ce83c5b7cd2da4c891192a260f0
content-encoding: gzip
content-length: 11778
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6IjM1ODNkNzg3MTMwZThhOGYwMDI3OGU2NmI0NTRiZmNkMTY3NGY3NmIyYjZiNjUzMWJmY2U5MWU3ZDRiZjY2OTEiLCJ3IjoyNDAsImgiOjEzNiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 18 KB
18 KB 133ms
37ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM1ODNkNzg3MTMwZThhOGYwMDI3OGU2NmI0NTRiZmNkMTY3NGY3NmIyYjZiNjUzMWJmY2U5MWU3ZDRiZjY2OTEiLCJ3IjoyNDAsImgiOjEzNiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 174da9a146704c3a5babacc0df07449c619a8fdc8ca633a81caf214f8d373b55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
last-modified: Mon, 06 Jun 2022 08:15:34 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1063006
access-control-allow-credentials: false
x-traceid: 5b990939f975c8ba93537fec66f8d37f
timing-allow-origin: *, *
content-length: 18164

POST
H3 200 / Show response
www.facebook.com/tr/ Frame DBDD 0
15 B 80ms
39ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.walla.co.il
Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:41 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 282A 0
18 B 43ms
38ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.walla.co.il
Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:41 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 262 KB
81 KB 129ms
37ms Script
text/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 08:22:46 GMT
server: Apache
etag: "1481c32-41771-5c7110f340cdf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=100282
accept-ranges: bytes
content-type: text/javascript
content-length: 82748
expires: Fri, 22 Jul 2022 18:52:03 GMT

GET
H2 200 / Show response
csync.smilewanted.com/ 6 KB
2 KB 147ms
61ms Script
application/javascript 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e000cd23f80b9d053efb8bad2dc4a959b0a54e1cce90211acd5ed3f35e4dda7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
cf-ray: 72e4cec1aff39290-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 136ms
58ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220721

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe4c804a20b8c333014cfa14370d529406baa39ce3d80bf03398f63fe29f722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 43186
x-jsd-version: 1.0.1407
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19150-FRA, cache-iad-kiad7000023-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66a-RrIZ3BgdiZbd+gYTQL0yHX71+xo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHPKH3NlRbtfz59%2BG4SRZKFe5upGHUeGXxNroFr6JTEE45uKS1QQXVqKMa7ha4oCSL2nedvF%2FkPeL0%2FN%2FiXjjT5vqF0OFbNrFKNUh4w%2FEVprW2PWi7xMCZ4aXOEEi7kVHRDzG96aIn64244TSaU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 72e4cec1b9859b69-FRA
access-control-expose-headers: *

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
941 B 132ms
46ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1130448
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CQn5Hl7M%2FcrHFRzvBaAhM7Jl8y%2FUJDWySQdSLQCTtwYgpTqoRUOqXU%2F4Obmq3p4W09sZvgmCV9hTt7CdoaXC05OqRhnQxUP5cU8NYlrtnCUlL%2FxVOVyIjquywI9nDve8mHVqEzyuP47cXsi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 72e4cec1cd139ba1-FRA

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
437 B 150ms
61ms XHR
application/json 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
access-control-allow-credentials: true
cf-ray: 72e4cec1dbfc8fc5-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 155ms
66ms XHR
application/json 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
access-control-allow-credentials: true
cf-ray: 72e4cec1dbfd8fc5-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 155ms
67ms XHR
application/json 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
access-control-allow-credentials: true
cf-ray: 72e4cec1dbff8fc5-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
75 B 151ms
62ms XHR
application/json 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
access-control-allow-credentials: true
cf-ray: 72e4cec1dc008fc5-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
639 B 159ms
72ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=715831&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%226d6e63fd553edd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.14.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2278e3742e52608%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fskyscraper_desktop%22%7D%7D%2C%7B%22id%22%3A%22928fbd0e1dcd64%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop%22%7D%7D%2C%7B%22id%22%3A%22104aebc9686567e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fshopping_rectangle%22%7D%7D%2C%7B%22id%22%3A%2211b5b66daf4c8a7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valuad.io%22%2C%22sid%22%3A%2215113%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 225ab2182f57f572cb26be0a021ba087e2802954726a95335b7dba003a5d41fd

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDyiHiw%2FWQABksMAgXIr%2BVkUdO8PPhHBAh%2BIzlpiRRXn3m1njYyn4y56Kpkp6uSPoBopTDTd2YKCPa1syCiMvAJlqsYGqcvtkht2nIlLYs5eaFZvIAV5jIGXfak4xOqxBVBzdf%2Bm"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 72e4cec1e9a75bf5-FRA
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
362 B 122ms
38ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.walla.co.il
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 206ms
49ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 206ms
49ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 205ms
49ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
277 B 441ms
184ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Thu, 21 Jul 2022 15:00:41 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 65
vary: origin, Accept-Encoding

GET
H2 200 arj Show response
u.openx.net/w/1.0/ 73 B
380 B 133ms
51ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.walla.co.il%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f30de9d8-78ca-488c-8bf8-4b5c0ebe6e50%2C507cb5d2-5b30-4e23-8253-cfea294ebec9%2C49d8a1ba-b267-4b16-ac49-ca086ebacd96%2Cc4957d2e-85c7-45d2-9b94-61224936c14e&nocache=1658415641798&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=120x600%2C160x600%7C300x250%7C300x250%7C300x250&divids=adSlot-2%2CadSlot-4%2CadSlot-5%2CadSlot-8&aucs=43010785%252Fwallanews%252Fmain%252Fskyscraper_desktop%2C43010785%252Fwallanews%252Fmain%252Fyad2_rectangle_desktop%2C43010785%252Fwallanews%252Fmain%252Fshopping_rectangle%2C43010785%252Fwallanews%252Fmain%252Fsport_small_rectangle_desktop&auid=544104782%2C544104782%2C544104782%2C544104782
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/485d39a /
Resource Hash: 3cbfed205617b78e439cb98be5603b7198203f711239223016bd26fcac9ea0a1

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: gzip
server: OXGW/485d39a
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.walla.co.il
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
647 B 148ms
46ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.14.0
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: f3bc2914ab680c3e10ed2634239545ee57cfa6b38639cdbc6665ff232a8dce70

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 21 Jul 2022 15:00:41 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.walla.co.il
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
707 B 135ms
44ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:41 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4d82b7af-8f9d-41e1-91de-32426a1b6e0e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
707 B 141ms
48ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-3-122-79-70.eu-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:41 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9dc2da7b-04d7-4739-8521-b4678bcaa2ff
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
597 B 155ms
67ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a26adedcfdaacf49a102cd7fdb1459e095a56373632d4c2e66cabda5f86d798

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 72e4cec1fd87bbc5-FRA
pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
server: cloudflare
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 163ms
57ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Thu, 21 Jul 2022 15:00:41 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 320 B
1 KB 246ms
78ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.14.0&x_source.tid=f30de9d8-78ca-488c-8bf8-4b5c0ebe6e50&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.4587374779528106
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7facaf3f6ec9e4753ee309af562e6b5d6b2a43bf1dbb7b0ef1dfe7026387cc2d

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:42 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 320
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 306 B
1 KB 229ms
61ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v6.14.0&x_source.tid=507cb5d2-5b30-4e23-8253-cfea294ebec9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.7598458358039364
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6ebca8cee823e3b7d10ef0e59f4590c5b0496481be84a78eb38ea45175dc3e3b

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:42 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 306
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 302 B
1 KB 306ms
76ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&tk_flint=pbjs_lite_v6.14.0&x_source.tid=49d8a1ba-b267-4b16-ac49-ca086ebacd96&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&slots=1&rand=0.3660299677265497
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6df029c61a17044a08a7d12e4405f718ed56bfaec35cf01aecc368746f1bd695

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:42 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 302
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 313 B
1 KB 315ms
69ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&tk_flint=pbjs_lite_v6.14.0&x_source.tid=c4957d2e-85c7-45d2-9b94-61224936c14e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&slots=1&rand=0.6687273029249035
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f2d103d16428257bb83403b172e218015f693aa1539f22cc3c3324a7efec3b95

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:42 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 313
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 714 B
1 KB 255ms
154ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F&PublisherDomain=walla.co.il

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

1ccec51aceeea80659ea7be8236a7d938a235e6439f60f0bd15d7b4531c8e584

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 107
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 714
expires: 0

POST
H/1.1 204
No Content / Show response
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 0
145 B 146ms
42ms XHR
text/plain 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Connection: keep-alive
Access-Control-Allow-Origin: https://www.walla.co.il
Access-Control-Allow-Credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
587 B 127ms
42ms XHR
application/json 3.122.79.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.14.0&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.122.79.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua
x-auction-status: 12, 12, 12, 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 161ms
65ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.14.0&cb=60555832716

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 21 Jul 2022 15:00:40 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 204ms
72ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 181ms
49ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 181ms
50ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 229ms
48ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:41 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 136ms
53ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js?cb=31068544

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 133ms
50ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js?cb=31068544

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
14 KB 507ms
506ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177848091060524&correlator=2822928224251509&eid=31068544%2C31068502%2C44752585%2C42531608%2C31064018%2C31062931&output=ldjh&gdfp_req=1&vrg=2022071801&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cnickbar_desktop%2Ctop_desktop%2Cpremium_rectangle1_desktop%2Cdontmiss_strip_desktop%2Cnew_strip_adx_desktop%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18%2C0%2F1%2F2%2F19&prev_iu_szs=1200x40%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C300x200%2C320x50%7C865x190%2C320x50%7C865x190%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&fluid=0%2C0%2C0%2Cheight%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&adks=1750305995%2C885339185%2C2822717126%2C3185403617%2C2716742207%2C581680296%2C789944261%2C627877343%2C4035892787%2C2413266992%2C3423946288%2C941261708%2C3384287595%2C2655517679%2C199863041%2C41169728%2C2603141511&sfv=1-0-38&ecs=20220721&ists=4095&fsapi=false&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dnew_strip_adx_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm2_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm4_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm5_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm6_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm7_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm8_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm9_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm10_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm11_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm12_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1658415641842&lmt=1658415641&dlt=1658415639404&idt=412&adxs=200%2C920%2C200%2C535%2C535%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800&adys=1200%2C20%2C1250%2C2847%2C3574%2C10528%2C10528%2C10528%2C10528%2C10528%2C10528%2C10528%2C10528%2C10528%2C10528%2C10528%2C10528&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x-1%7C1200x0%7C300x0%7C865x0%7C865x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&msz=1200x-1%7C480x0%7C300x0%7C865x0%7C865x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=644%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132&ohw=0%2C1200%2C300%2C865%2C865%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=210978062.1658415641&ga_sid=1658415642&ga_hid=2039212197&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js?cb=31068544

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbda5c56443119b0df5e72955b6fd3555a16e01f711e3d71ed9c072ab146fd2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14233
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8A32 6 KB
4 KB 163ms
46ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js?cb=31068544

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:42 GMT
expires: Fri, 21 Jul 2023 15:00:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 56ms
55ms Image
image/png 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1656855974.293667"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Sat, 20 Aug 2022 15:00:41 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 123ms
122ms Fetch
text/plain 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=62a5ab7ef6364fe4fc78bef8f586a198_1769_1658415641715&tm=1273&eT=0&widgetWidth=865&widgetHeight=259&widgetX=535&widgetY=4032&wRV=2000820&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=398&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 21 Jul 2022 15:00:42 GMT
content-encoding: gzip
X-TraceId: a28ea9c5537a29888a6b1a813bcbdce9
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 clip.js Show response
widgets.outbrain.com/nanoWidget/2000820/module/ 1 KB
1 KB 71ms
70ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000820/module/clip.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 338bfe765eab2725734f528a1480bdbabeb9843a9623e1e4dd941fe750afdf86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 13:43:54 GMT
server: AkamaiNetStorage
etag: "4be898198806ca834bc06253defbdf92:1658240087.16586"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 700
expires: Thu, 21 Jul 2022 19:00:41 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 37 KB
12 KB 260ms
258ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=3&rand=48671&key=NANOWDGT01&widgetJSId=HPC&va=true&et=true&format=html&t=ZjA1ZGEzMWZmMGQ0ZDk4MGJmYzBhMzFjZDRkMWQ3ZmE=&adblck=false&abwl=false&px=535&py=10726&vpd=9526&cw=865&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000820&sig=fzcKihyX&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b98a4af07bc1bb65f7eaa5582b24db6c9eef01ee69e9169816585034329d57b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1658415642.964700,VS0,VE222
accept-ranges: bytes
x-served-by: cache-lga21922-LGA, cache-hhn4050-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 769d56925605b0ab91eef10911c3e73a
content-encoding: gzip
content-length: 12206
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 10 KB
10 KB 43ms
41ms Image
video/mp4 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
last-modified: Wed, 27 Oct 2021 20:09:39 GMT
access-control-allow-methods: GET,POST
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=1673025
access-control-allow-credentials: false
x-traceid: 077d24b86ade944761285ac2283096e5
timing-allow-origin: *, *
content-length: 150909

GET
H2 200 eyJpdSI6IjBkYTNhMGYxYjVkMGVlMTlhNjJkZWY1OGEwYmNkZjA0OWY1ZDMxZmY1NDVhY2Y4ZDlmMmJjZGY2MTgxYTI3MDgiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 125 KB
125 KB 83ms
81ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBkYTNhMGYxYjVkMGVlMTlhNjJkZWY1OGEwYmNkZjA0OWY1ZDMxZmY1NDVhY2Y4ZDlmMmJjZGY2MTgxYTI3MDgiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c8d5377e22383dffcd5449bf7b27551d77b8c46f10b4f01a1c8a5f08d15c6724

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:41 GMT
last-modified: Wed, 30 Mar 2022 17:20:41 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1591488
access-control-allow-credentials: false
x-traceid: e683d094b5bf716c18ccda34fcdcc5ac
timing-allow-origin: *, *
content-length: 127834

GET
H2 200 eyJpdSI6IjQ4MTJiNjRkZDAwMzlkNjE3ODYwNmJkNzNkMDI1NjI0N2MzYTc1OGVkNDliNmU5NDljMTY3NjU3OWRiZTAyMTMiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 20 KB
20 KB 93ms
91ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQ4MTJiNjRkZDAwMzlkNjE3ODYwNmJkNzNkMDI1NjI0N2MzYTc1OGVkNDliNmU5NDljMTY3NjU3OWRiZTAyMTMiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1f91de92477e1bde088a285203f194a5fb47b8eb38438a699babc56e2215c6a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
last-modified: Fri, 01 Jul 2022 04:27:25 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=697317
access-control-allow-credentials: false
x-traceid: 1d079ce9b3f53e6b4b000d55fef3e8a9
timing-allow-origin: *, *
content-length: 20002

GET
H2 200 eyJpdSI6IjZkNWJkYTMwNDI4Zjk5MmYyMzExNjM4ZDU5ZGRlMzJmNDk0ZGYwNmNmNTZmZjdjNDM5NWM3ZDZkMTJmZDI3YjkiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 63 KB
64 KB 108ms
106ms Image
image/webp 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZkNWJkYTMwNDI4Zjk5MmYyMzExNjM4ZDU5ZGRlMzJmNDk0ZGYwNmNmNTZmZjdjNDM5NWM3ZDZkMTJmZDI3YjkiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8159081febb0d5072716cdcd1e714a22aae8a13b4b07270a3f7a8c216fa286d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
last-modified: Sat, 09 Jul 2022 18:05:50 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1436647
access-control-allow-credentials: false
x-traceid: fe5e48bc92484dc007e281465f0e411e
timing-allow-origin: *, *
content-length: 64944

GET
H2 206 eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 147 KB
148 KB 107ms
106ms Media
video/mp4 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY4YjBhM2VhYjY2YTJkN2JkZTYyY2E4MGI4ZTJiOTM4ZDA1NjdiNGZhZGU5NjE1ZTdlYWViZGZjYzc0NGM2MDkiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4d298d78ca508cdf5b8083146dd9d57b4b2ab208aec5d88d72af0204918b8b88

Request headers

Referer: https://www.walla.co.il/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
last-modified: Wed, 27 Oct 2021 20:09:39 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,POST
content-type: video/mp4
Content-Range: bytes 0-150908/150909
cache-control: max-age=1673024
access-control-allow-credentials: false
x-traceid: 077d24b86ade944761285ac2283096e5
timing-allow-origin: *, *
Content-Length: 150909

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ 48 KB
12 KB 78ms
47ms Script
application/javascript 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2363
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"607873db-c1ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 72e4cec2992b9290-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 130ms
50ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1130443
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx2784d4621ca340258eec8-00629f4bcb
x-amz-id-2: tx2784d4621ca340258eec8-00629f4bcb
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMoLG%2B0Fo372Wt1B%2Bhqu6ksRbt15KoDJ1IBL%2Bg9GqCYLqn%2BPJI9SPPCgYbhvRRwCY%2BjbBdA2GGyM%2BRQkAz%2FD%2F0PPmaLAxgRuawoFomqSQJJ0yC%2F2oOxvOZnQRLQOtd5CzjZ0%2BSHcM9EeDjfB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 72e4cec2e993994a-FRA
access-control-allow-headers: Authorization

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame C5C6 0
339 B 56ms
55ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72e4cec2f98c9290-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

GET
H2

200

729a63af81b54747169872ac77c5a7e Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 09CC
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/729a63af81b54747169872ac77c5a7e

0
443 B

60ms
60ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/729a63af81b54747169872ac77c5a7e
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72e4cec50c389290-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Thu, 21 Jul 2022 15:00:42 GMT
Expires: Thu, 21 Jul 2022 15:00:42 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/729a63af81b54747169872ac77c5a7e
Pragma: no-cache
Server: nginx
x-sticky-vk: 1658415642277058-588

GET
H2

200

DmBriWGbjyLQzZ93XN3U Show response
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame E451
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/DmBriWGbjyLQzZ93XN3U?pi=smilewanted&tc=1

0
375 B

58ms
58ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/DmBriWGbjyLQzZ93XN3U?pi=smilewanted&tc=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72e4cec45b3e9290-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Thu, 21 Jul 2022 15:00:42 GMT Thu, 21 Jul 2022 15:00:42 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/DmBriWGbjyLQzZ93XN3U?pi=smilewanted&tc=1
pragma: no-cache

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame DB8F
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=09b6e8fe602f87860209682331428310

43 B
1 KB

55ms
55ms

Document
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=09b6e8fe602f87860209682331428310

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid: 7ec1ae39-adb8-403e-bcc2-303da826b35c
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 21 Jul 2022 15:00:42 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72e4cec3aa5e9290-FRA
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=09b6e8fe602f87860209682331428310
server: cloudflare

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 19F9 1 KB
910 B 156ms
67ms Document
text/html 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 72e4cec47ca59b52-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 127ms
127ms Fetch
text/plain 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=6003239832a81988ef80c067a57b7f85_1769_1658415642133&tm=1551&eT=0&widgetWidth=865&widgetHeight=375&widgetX=535&widgetY=10786&wRV=2000820&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=270&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 21 Jul 2022 15:00:42 GMT
content-encoding: gzip
X-TraceId: 78203a3106b9a12f18e307de3a5d0f0f
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000820/module/ 38 KB
14 KB 41ms
41ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000820/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: afd66c8058019e8a416ff8d6bd4ab022407925aef7a7ad7e18be02dc781b1bd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 13:43:54 GMT
server: AkamaiNetStorage
etag: "c63e27226ea3e887ed1fdd55872ecca0:1658240115.733429"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 14047
expires: Thu, 21 Jul 2022 19:00:42 GMT

GET
H2 200 ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 12 KB
12 KB 44ms
44ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "65df986ae65cffdf92a926e7c42a25a8:1656855971.383201"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 12268
expires: Sat, 20 Aug 2022 15:00:42 GMT

OPTIONS
H3 200 analytics
hb-dot-valuad.appspot.com/ Frame 0
0 208ms
131ms Preflight
text/html 2a00:1450:4001:827::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-request-id,x-vad-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 21 Jul 2022 15:00:42 GMT
server: Google Frontend
x-cloud-trace-context: 7240c1224ecacaab640b7ba4d2d9b9e3
x-request-id: undefined

POST
H3 200 analytics Show response
hb-dot-valuad.appspot.com/ 16 B
35 B 165ms
165ms Fetch
application/json 2a00:1450:4001:827::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept: application/json
Referer: https://www.walla.co.il/
x-request-id: b5b24404-9b8f-4e4c-9ec5-27c9a1354ea9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-vad-version: 0.7.29
Content-Type: application/json

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
server: Google Frontend
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
x-cloud-trace-context: a580318608d6d94e2f092d31b17c742a
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16
x-request-id: undefined

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 125ms
47ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js?cb=31068544

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 123ms
46ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js?cb=31068544

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 76 KB
26 KB 497ms
497ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=177848091060524&correlator=1060936011254017&eid=31068544%2C31068502%2C44752585%2C42531608%2C31064018%2C31062931&output=ldjh&gdfp_req=1&vrg=2022071801&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Cyad2_rectangle_desktop%2Cshopping_rectangle%2Csport_small_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6&prev_iu_szs=120x600%7C160x600%2C320x50%7C300x400%2C320x50%7C300x250%7C300x260%2C320x50%7C300x250&fluid=0%2Cheight%2Cheight%2Cheight&ifi=18&adks=2273020712%2C1194681899%2C1073900268%2C2033830822&sfv=1-0-38&ecs=20220721&fsapi=false&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dshopping_rectangle%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dsport_small_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1658415642257&lmt=1658415642&dlt=1658415639404&idt=412&adxs=1480%2C200%2C200%2C200&adys=290%2C1561%2C1576%2C3403&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C17%7C18%7C19&ucis=i%7Cj%7Ck%7Cl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C300x0%7C300x0%7C300x0&fws=132%2C132%2C132%2C132&ohw=0%2C300%2C300%2C300&ga_vid=210978062.1658415641&ga_sid=1658415642&ga_hid=2039212197&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js?cb=31068544

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cddcdf50f74c4f7fe5606c14b181f43994de9600a75d856d7f762209b1a22862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27091
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

getuid Show response
sync.smartadserver.com/ Frame 7F79
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

0
75 B

48ms
48ms

Document
text/plain

185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 21 Jul 2022 15:00:42 GMT

Redirect headers

cache-control: no-cache,no-store
content-length: 0
date: Thu, 21 Jul 2022 15:00:42 GMT
location: https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 114 KB
29 KB 766ms
759ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=HPC&key=NANOWDGT01&version=2000820&apv=true&sig=fzcKihyX&format=html&rand=18270&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ZjA1ZGEzMWZmMGQ0ZDk4MGJmYzBhMzFjZDRkMWQ3ZmE=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=3&lastIdx=3&lastCardIdx=0&fAB=no_abtest&dpr=1&cw=865&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000820/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d9f58982c8ca4c9f4f20067ea2b82cd13bab094b075c492bda86eef395e0e3d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1658415642.324024,VS0,VE722
accept-ranges: bytes
x-served-by: cache-lga21961-LGA, cache-hhn4050-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 165cb0129e5d5668a1f63547edc32c8e
content-encoding: gzip
content-length: 29249
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

60d68201-f647-48b2-98f0-5128f1476049&partner_id=1010 Show response
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 721E
Redirect Chain

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
https://csync.smilewanted.com/set_partner_userid_get/improve/60d68201-f647-48b2-98f0-5128f1476049&partner_id=1010

0
493 B

60ms
60ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/improve/60d68201-f647-48b2-98f0-5128f1476049&partner_id=1010
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72e4cec60d519290-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Thu, 21 Jul 2022 15:00:42 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/improve/60d68201-f647-48b2-98f0-5128f1476049&partner_id=1010
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame CD8D 0
0 166ms
40ms Document
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 3bafef7aa4e37890defcd73f0a080481

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 0341 0
0 61ms
51ms Document
text/plain 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 72e4cec50d8c9b52-FRA
date: Thu, 21 Jul 2022 15:00:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 99BF 15 KB
6 KB 51ms
50ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=29770
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:42 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 21 Jul 2022 23:16:52 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3 200 container.html Show response
3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1B62 6 KB
3 KB 117ms
41ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js?cb=31068544

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:42 GMT
expires: Fri, 21 Jul 2023 15:00:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3807 6 KB
3 KB 90ms
38ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js?cb=31068544

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:42 GMT
expires: Fri, 21 Jul 2023 15:00:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

YtlqGmNDH3nKuhWYH7btgAAA%261145 Show response
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 8015
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtlqGmNDH3nKuhWYH7btgAAA%261145

0
832 B

62ms
57ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtlqGmNDH3nKuhWYH7btgAAA%261145
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72e4cec77efa9290-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 72e4cec70a276928-FRA
content-length: 0
date: Thu, 21 Jul 2022 15:00:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtlqGmNDH3nKuhWYH7btgAAA%261145
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1KIs28tAJ6E5WuDT5EPTk0Z3Lbq0d0GgPsluu8zilOdWoi6Z7VLeNhZhCYflsGMTnfE%2Bc99SIPGZO8CurWTU3Gfe3pXZIvLRIS2UMvdYvlSvlKDa6ICAMicz2J7bnOxrv%2BbfPLeMqRJLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

e4428496-0905-11ed-b2a5-1348667f0506 Show response
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 42AD
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=e44284e0-0905-11ed-b2a5-1348667f0506
https://csync.smilewanted.com/set_partner_userid_get/spotx/e4428496-0905-11ed-b2a5-1348667f0506

0
561 B

60ms
59ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/spotx/e4428496-0905-11ed-b2a5-1348667f0506
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72e4cec7bf4f9290-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Thu, 21 Jul 2022 15:00:42 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/spotx/e4428496-0905-11ed-b2a5-1348667f0506
Server: nginx
X-fe: 7

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 99BF 0
42 B 145ms
41ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89958226&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3807 0
0 80ms
79ms Fetch
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaT_lGmrZYummApep3wO5mbyQCsme0rFcxbKY93DAjbcBEAEgAGCVkqCCsAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAkFOc2cJGbE-4AIAqAMBqgSCAk_Qui5_C3ScZpm1VESXlAG9Ocqh-2H9GLJAddI3-tFFiM5Bbp0Gq3VXBU2BD6RL-xaZoCvrrbTHBesQzqgipHCdmfltk0Gehk5wTJKKND0CyoQSol1k5RugtOcboiw-QBcXqnsRTcHkTtm8RuuAYw6j0sUZCujHxNZ73tXDduzsc0jfWMqW_YUkldzqTpqjOLnNww5LlCYlH2YkZHZA4zs7uWQhmF3SSrUO49I7oX11MCkI0QbrOBSUwiYEorzSuKvwnZ8B7R8290kpnDAr7X4OmjbfdmFLpwpiMXjxmy0LrKW3l_p0qrFDtQN6F2dZF6YjCq569nBc376oomchr7g4i-AEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=ZTy_d5xv-rU&uach_m=[UACH]&cid=CAQSOwCNIrLMuLvK2TomPEGWf1_7UxJxAN42glR-9WDXhTx8gEuQi95CiBUqvyLpSn69_GBmJCuSKpP_euzMGAE
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 3807 0
0 142ms
42ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k-b8EJPxG6wCyAGdg2ICAgAAAEStKKCg2KXrUwfGnNMBdxYQGWrZYjZThs2GJDUSYzHxABIAAA&wp=YtlqGgAAk2kKd9SXAA8MuWTWUO17U5RsUGeQfQ

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
server: Kestrel
server-processing-duration-in-ticks: 363831
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame B32B 198 KB
57 KB 387ms
280ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YtlqGgAAk2kKd9SXAA8MuWTWUO17U5RsUGeQfQ&u=%7CqsgVBdWIBWJ3AMWu6rnXz3jbWBFJv0o2nWVMPbdzidQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANTdjJFUnbHmDAM6gz4XCNH0cuv8kna0byp5hiyOEXCr1oqghP7ak_uWlS66l-xnnsvSniLF6mL5VHfGFKWQvVS_G4Xxb8CcZEKqTCOZ_J3oPQuYmciJP3WZmQQbJ86UvSGZqEMLGacg8a-n9t7BqSiGAMH5-LW3PofGJ0HG7LVukUjNE8qLQs4no1baXhhmNnzwqdI_A3lI97GyoeQk5f56MB9JVluwABM-0pn2Y5B4FJogJvJ1CqJkxCkusal4s9XQYkwAbn2-5agZZidwTct7UT-gfE2vC_WveBPgEReCuqubsfEhHCPnIZkIfmKCzPI5ViMMi4zApmnA0IwlSNOzVRjWG51vsCotzFcd_YNqxbo22mRmDRMN4qEtIwqSkMOt1B4wQEcu-SOkramZ9L54&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR8AFGmrZYummApep3wO5mbyQCsme0rFcxbKY93DAjbcBEAEgAGCVkqCCsAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAkFOc2cJGbE-4AIAqAMBqgSFAk_Qui5_C3ScZpm1VESXlAG9Ocqh-2H9GLJAddI3-tFFiM5Bbp0Gq3VXBU2BD6RL-xaZoCvrrbTHBesQzqgipHCdmfltk0Gehk5wTJKKND0CyoQSol1k5RugtOcboiw-QBcXqnsRTcHkTtm8RuuAYw6j0sUZCujHxNZ73tXDduzsc0jfWMqW_YUkldzqTpqjOLnNww5LlCYlH2YkZHZA4zs7uWQhmF3SSrUO49I7oX11MCkI0QbrOBSUwiYEorzSuKvwnZ8B7R8290kpnDAr7X4OmjbfdmFLpwpiMXizmQyZKyorhEXovhKTiKWCHnNToawNEizOPk36LQG2jn-kBTwrNA7iuOAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0AZ_L3cZ82Jorgy_Mm72p0LMKXvw%26client%3Dca-pub-4491659496372172%26adurl%3D

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a37f168754f5ea3aee1f72e02949b1bb6342ea055b2347394a0d513989eddd7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:42 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=5VsKagBNK8yXqon1-BQUTLb5KHwnvrPqUCWrsNeGasv_tn247z36D3xWBpbQ-bZUXADe62k9XZYTGQW460wOGALFVQMbHNCCekQS1eODpJ9CIriq4-kpTl27WSF5A0MbP9fm_rh-iyGhkZqU1ozhERqEXLL0f_bxqo0VSRSzUCUR92ASUwnHyKnIRyOmMyJW0Y-Q5e3ELIZ5VKT7Xc3XOmFH3tzeMLap6C48XnjTYfJWNCahcWV68TB0HVcJWla78rnKYQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 151288411
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 3807 3 KB
1 KB 181ms
76ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:13:14 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CE07 1 KB
1 KB 127ms
40ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 13:34:31 GMT
etag: 48472445140208031
expires: Fri, 22 Jul 2022 13:34:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3807 137 KB
42 KB 157ms
79ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:00:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 3807 17 KB
8 KB 137ms
37ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: cafe
etag: 1169380200214664902
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:45:04 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3807 0
0 127ms
47ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3v6P2BHc3rZsu7JrpHnaNIB6NHB4Xe2ggRaS7XqTd20oy2fIKlBttV6HIwI5Rga8-kHbrwyPeL160d0MdvtjM9-b6qQ
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3807 22 KB
7 KB 140ms
42ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 23:30:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55783
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jul 2023 23:30:59 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1B62 0
0 83ms
82ms Fetch
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CizDgGmrZYuimApep3wO5mbyQCsme0rFc1Z2R93DAjbcBEAEgAGCVkqCCsAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAkFOc2cJGbE-4AIAqAMBqgT1AU_Qui3bkuMF2eaR31Hmm2j8d1nEIVKtFS6y35OaTnQxdH8paOmdYakeWTE7PVlUTlMUBUI5DbTTbVGYH2Mglw6mCNkpSwnSsGoygMrsXnKIpesvm9FrjFnVfufRqqwP1pkmLq4L0fmnjmef6Uyj93PuesxEeOczAi276z9548U7_2TRNAYYgCHSkx_cHcF1joreXWgrRiwm2ws3JtqQYRLUf78Hoh3yo4ZairyPiGBRkp6q0NrJiZ5j41pWrgq9Fge5JTlz_vFSXqqD3M-bCg2jgqLa3Bg3rBHxItmizDHLti8f90m37FXmwlLFX8EGpBxZVVEt4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=mykNFvs4pqE&uach_m=[UACH]&cid=CAQSOwCNIrLMuLvK2TomPEGWf1_7UxJxAN42glR-9WDXhTx8gEuQi95CiBUqvyLpSn69_GBmJCuSKpP_euzMGAE
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 1B62 0
0 127ms
41ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k-b8EOv_CsoH-gGdg2ICAgAAABRz_LMFgqXrUwfGnNMBdxYQGWrZYj5TrbWNqwL_jgnWABIAAA&wp=YtlqGgAAk2gKd9SXAA8MuXs7KBAy7QZ3lO4yAQ

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
server: Kestrel
server-processing-duration-in-ticks: 173866
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 22CC 179 KB
56 KB 273ms
180ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YtlqGgAAk2gKd9SXAA8MuXs7KBAy7QZ3lO4yAQ&u=%7CqsgVBdWIBWL1o3rcbHX0R3H3LckPV9Oa6iqg%2BNzARl4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtKAVZxRZh89CX9LktfiAGaTuU18vUjwelC_vpe3XMMJnlPj5UqoWp0pJiqGR1wlno1p_tamDQcch_ShWo8ylCNTAfnrR5Z1_qkAKlRps_RB11BsoGc47QVIlVNIGg6ss4KSqtM_EHrxt_jwBpeD9weQJ6ksd3rEp4G89BMgY3Ra5yRCDrgTNM5PM2thmT6CSeYOAuwCjpg1qdKZW-TqbFpv62fyxau5y6I1q1kf4CWnQo8ruuZUUYb7u1LAhpm84pGdwQxYipvtNteazabdb_p6cf4EuMJBToFw5TpyIdG7_uc_c5VrVsB-yXryDn14kOrC4E8riUliKZhbic-CJXphvx21sjPQz8D2tvqpInnmwBcI299gF4J4WF1gu3ihXz-HeUR_x_C2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1jesGmrZYuimApep3wO5mbyQCsme0rFc1Z2R93DAjbcBEAEgAGCVkqCCsAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAkFOc2cJGbE-4AIAqAMBqgT4AU_Qui3bkuMF2eaR31Hmm2j8d1nEIVKtFS6y35OaTnQxdH8paOmdYakeWTE7PVlUTlMUBUI5DbTTbVGYH2Mglw6mCNkpSwnSsGoygMrsXnKIpesvm9FrjFnVfufRqqwP1pkmLq4L0fmnjmef6Uyj93PuesxEeOczAi276z9548U7_2TRNAYYgCHSkx_cHcF1joreXWgrRiwm2ws3JtqQYRLUf78Hoh3yo4ZairyPiGBRkp6q0NrJiZ5j41pWrgq9Fge5JTlz_vFSXqqD3M-bCk-hozBdU4QkE43lgQmfasnCoiWp_WevbuEu__Q34N8qvJnz0UKSDqvz4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_24iAeGjMRed0m3IC_OapbDVruk1g%26client%3Dca-pub-4491659496372172%26adurl%3D

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fb75ed9241a0815512eadd4d71fa41a27b84050dc2cd590ec658dcaa5338eaca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:42 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=vjNfXwBNK8yXqon1s1fMenL9V1BFKLgz4I1BXVjl7F8vBxGH2kp28F7vlYvF1Om3evivhH_G8scf88esuGpTKQLlaay31trSBTGYzPPTAwPIlmiVyxd7rWGk1iLx-dJ6IUxlcdVUAUfzJd4jfWrvkPsnbLpMnXXt0-uDa0yZP1tPaRceCSyjK4DhCCyTpZpIVIRLJ-K7L_eA6RdZEnieBsRo_1HKIGXVJ460zGrbXMAcTy5MXp9qWORmfuLl3YFhAs-JSvYAvXARTyzu"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 136152620
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 1B62 3 KB
1 KB 173ms
83ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:13:14 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E334 1 KB
783 B 116ms
41ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 13:34:31 GMT
etag: 48472445140208031
expires: Fri, 22 Jul 2022 13:34:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B62 137 KB
42 KB 122ms
55ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:00:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 1B62 17 KB
7 KB 137ms
48ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: cafe
etag: 1169380200214664902
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:45:04 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1B62 0
0 114ms
45ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5wWpr9trHFhfS9eeWl6w7HBehkPHVfE96k39LVoudiuLDmWChg-5B5lnnQT6VhTbv_fMiY9vzUcizkdYoiABG3CECjQ
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1B62 22 KB
7 KB 160ms
72ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 23:30:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55783
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jul 2023 23:30:59 GMT

GET /
google2waycm.netmng.com/cm/ Frame CE07 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE07
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOlsx63kSr83xl3GrZikmIE&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOlsx63kSr83xl3GrZikmIE&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YnNDclhwbVMxT2V4Rm81&google_gid=CAESEOlsx63kSr83xl3GrZikmIE&google_cver=1&google_push=AehlK4B9UQXdUB-_2s1hIZ79TLxcMkUULUkXU6OVaUAM9eP...

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YnNDclhwbVMxT2V4Rm81&google_gid=CAESEOlsx63kSr83xl3GrZikmIE&google_cver=1&google_push=AehlK4B9UQXdUB-_2s1hIZ79TLxcMkUULUkXU6OVaUAM9ePxDT46suN4DaE7KjpGKQNt-uhWWW_YgvhX-JI2yvrreZnaZLW6pKJI

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:42 GMT
Server: PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0e0b7d4089fc3e73e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YnNDclhwbVMxT2V4Rm81&google_gid=CAESEOlsx63kSr83xl3GrZikmIE&google_cver=1&google_push=AehlK4B9UQXdUB-_2s1hIZ79TLxcMkUULUkXU6OVaUAM9ePxDT46suN4DaE7KjpGKQNt-uhWWW_YgvhX-JI2yvrreZnaZLW6pKJI
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE07
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDGctGv6talpqIHP5f_WVJ0&google_cver=1&google_push=AehlK4AFuGD1QtRnxaJQcMLz6yf_SbmzulDjz8r8p37HnoVAFdTdrBEo9EM3Zlt9GCdBSbu7TfYqtKeTCkCnX-JP...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pjSfaPErRLKbrH47ZF4idg2&google_push=AehlK4AFuGD1QtRnxaJQcMLz6yf_SbmzulDjz8r8p37HnoVAFdTdrBEo9EM3Zlt9GCdBSbu7TfYqtKeTCkCnX-JPoAOP5m7G4uok

170 B
188 B

125ms
47ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pjSfaPErRLKbrH47ZF4idg2&google_push=AehlK4AFuGD1QtRnxaJQcMLz6yf_SbmzulDjz8r8p37HnoVAFdTdrBEo9EM3Zlt9GCdBSbu7TfYqtKeTCkCnX-JPoAOP5m7G4uok

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Jul 2022 15:00:42 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=pjSfaPErRLKbrH47ZF4idg2&google_push=AehlK4AFuGD1QtRnxaJQcMLz6yf_SbmzulDjz8r8p37HnoVAFdTdrBEo9EM3Zlt9GCdBSbu7TfYqtKeTCkCnX-JPoAOP5m7G4uok
x-host: tde-deliveryengine-production-78dd496b74-mx84r
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE07
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMjHlK834u-6d-u6hX3Q3_0&google_cver=1&google_push=AehlK4Cf5iYnhqA7mSO62hDPKmKdXQ5IwD9OI98-6kG7HllAMhBbbtBW_uWByrlch6Inorm6GpMJWXx-WiNfkT322_LL...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMjHlK834u-6d-u6hX3Q3_0&google_cver=1&google_push=AehlK4Cf5iYnhqA7mSO62hDPKmKdXQ5IwD9OI98-6kG7HllAMhBbbtBW_uWByrlch6Inorm6GpMJWXx-WiNfkT...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=d642bae2-72d8-4c75-a4c2-afef32f738b7&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CZSdkdSIrG-0S0a2Xc7EMqdkcvq_HH7KFHm5NnMELrgEZV6bzQ9tA6pWIg_j1dBd-YI1wy4P9lPjjtym9OL36X4QfmbA&google_hm=DbSRmG_0TIKLYv_5GjWaQQ==

170 B
188 B

48ms
47ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CZSdkdSIrG-0S0a2Xc7EMqdkcvq_HH7KFHm5NnMELrgEZV6bzQ9tA6pWIg_j1dBd-YI1wy4P9lPjjtym9OL36X4QfmbA&google_hm=DbSRmG_0TIKLYv_5GjWaQQ==

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CZSdkdSIrG-0S0a2Xc7EMqdkcvq_HH7KFHm5NnMELrgEZV6bzQ9tA6pWIg_j1dBd-YI1wy4P9lPjjtym9OL36X4QfmbA&google_hm=DbSRmG_0TIKLYv_5GjWaQQ==
Date: Thu, 21 Jul 2022 15:00:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 dot.gif
s0.2mdn.net/ Frame CE07 43 B
577 B 168ms
46ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEBT-cfPFMwFy8iv4klIp_Pg&google_cver=1&google_push=AehlK4ByKQG0cBda92aWW1ttt9XFKRbH5nYkv_PM6RL34bqo7ks4fEgtgOr7Ys2ObTs5Gwsl00lCJyJKPp4BJO3cTRG4UIpupQ1c

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Jul 2022 15:00:42 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE07
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4AQIb_ZOZqof5wf8vFRUBNJePD0lDksPjLqUgtTIabAEq5DDnQ1FMxxvjLcp3rq0DG_qXEsT6k0-dSXcPy0BvqVPCg0o8JI&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-65f7c529-b0a3-4999-91ac-5781c301a959-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4AQIb_ZOZqof5wf8vFRU...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4AQIb_ZOZqof5wf8vFRUBNJePD0lDksPjLqUgtTIabAEq5DDnQ1FMxxvjLcp3rq0DG_qXEsT6k0-dSXcPy0BvqVPCg0o8JI&google_hm=A2X3xSmwo0mZkaxXgcMBqVk

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4AQIb_ZOZqof5wf8vFRUBNJePD0lDksPjLqUgtTIabAEq5DDnQ1FMxxvjLcp3rq0DG_qXEsT6k0-dSXcPy0BvqVPCg0o8JI&google_hm=A2X3xSmwo0mZkaxXgcMBqVk

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4AQIb_ZOZqof5wf8vFRUBNJePD0lDksPjLqUgtTIabAEq5DDnQ1FMxxvjLcp3rq0DG_qXEsT6k0-dSXcPy0BvqVPCg0o8JI&google_hm=A2X3xSmwo0mZkaxXgcMBqVk
date: Thu, 21 Jul 2022 15:00:43 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX65f7c529b0a3499991ac5781c301a959003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE07
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJUsIJV1CfuwfmJDDRar3jA&google_cver=1&google_push=AehlK4AoRrGDiPrxVPFyu6bojShNP_CR_XigyK0hAtvR5eqVUDZGCw-wFeZqhnPafuobG6kAxTgpGn9wSUDttlVb0FYHZ1ct9SEI
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4AoRrGDiPrxVPFyu6bojShNP_CR_XigyK0hAtvR5eqVUDZGCw-wFeZqhnPafuobG6kAxTgpGn9wSUDttlVb0FYHZ1ct9SE...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIxMjk1NjYzNTExNjI1NDIwNzgzOQ%3D%3D&google_push=AehlK4AoRrGDiPrxVPFyu6bojShNP_CR_XigyK0hAtvR5eqVUDZGCw-w...

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIxMjk1NjYzNTExNjI1NDIwNzgzOQ%3D%3D&google_push=AehlK4AoRrGDiPrxVPFyu6bojShNP_CR_XigyK0hAtvR5eqVUDZGCw-wFeZqhnPafuobG6kAxTgpGn9wSUDttlVb0FYHZ1ct9SEI

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDIxMjk1NjYzNTExNjI1NDIwNzgzOQ%3D%3D&google_push=AehlK4AoRrGDiPrxVPFyu6bojShNP_CR_XigyK0hAtvR5eqVUDZGCw-wFeZqhnPafuobG6kAxTgpGn9wSUDttlVb0FYHZ1ct9SEI
date: Thu, 21 Jul 2022 15:00:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CE07 0
232 B 139ms
44ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L52yJ1q4p48IwO0ahnHzBGZbSM_JMWiWRjuEsNVwiuJiH38VvONFbEKoKF4-Xh0QtYywaH

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 container.html Show response
3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D961 6 KB
3 KB 37ms
37ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js?cb=31068544

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:42 GMT
expires: Fri, 21 Jul 2023 15:00:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 091A 6 KB
3 KB 37ms
37ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js?cb=31068544

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:42 GMT
expires: Fri, 21 Jul 2023 15:00:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1F9F 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js?cb=31068544

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:42 GMT
expires: Fri, 21 Jul 2023 15:00:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D3F 6 KB
3 KB 37ms
37ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js?cb=31068544

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:42 GMT
expires: Fri, 21 Jul 2023 15:00:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame E334 0
104 B 235ms
80ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEELm8rR1Dx_OhFU11s9YBak&google_cver=1&google_push=AehlK4DXEwhKtkmtv1Vgp8tl1-18ET7eOo43ytFfDgcTraA1HsB_bby7Z7fyHA9cwd4YB5uqYrf12qKgb3LkfHuFizu8x3owht1T
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame E334 70 B
265 B 191ms
56ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFoe5VJ5wTI_B5KfTI9DXcQ&google_cver=1&google_push=AehlK4DT5OOKVchnkxIeuBA35Al9dt7RFylBmwT3pzLBAo2jcpBZn761u11a4527vzsRFWwFwD4Ucm9ibAH8pci2Ggv_euoXkNWu
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame E334 0
173 B 141ms
46ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENTElyyo_SaBHDc4oySnBrc&google_cver=1&google_push=AehlK4AKJRu4YUHScW_iSCtRfH0fcaj2NaB4Bqf7mQvLgMBpsfcNsAyRNVdeZscKaNAFk_ed9ZWv3y4cA0HQXYUcCgLThpt7UKGy
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E334
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIKcqwe4AHZ7R_B5uusZsX0&google_cver=1&google_push=AehlK4C2nKsTsZulGz49TDQmU7EgS31FE4HUz91q4-w3WP5bAcTNhLoaWjTWX0tnTqgGFZPO_SvPRgGG9_XRR7...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEyMjg0MDk0OTg2MDI2ODE3Mw%3D%3D&google_push=AehlK4C2nKsTsZulGz49TDQmU7EgS31FE4HUz91q4-w3WP5bAcTNhLoaWjTWX0tnTqgGFZPO_SvPRgGG9_XRR7pEsD...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEyMjg0MDk0OTg2MDI2ODE3Mw%3D%3D&google_push=AehlK4C2nKsTsZulGz49TDQmU7EgS31FE4HUz91q4-w3WP5bAcTNhLoaWjTWX0tnTqgGFZPO_SvPRgGG9_XRR7pEsDVVAKh2E6xH

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEyMjg0MDk0OTg2MDI2ODE3Mw%3D%3D&google_push=AehlK4C2nKsTsZulGz49TDQmU7EgS31FE4HUz91q4-w3WP5bAcTNhLoaWjTWX0tnTqgGFZPO_SvPRgGG9_XRR7pEsDVVAKh2E6xH
Date: Thu, 21 Jul 2022 15:00:43 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E334
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEDGctGv6talpqIHP5f_WVJ0&google_cver=1&google_push=AehlK4D7PHtjlhEcu9PbvFQDsdj7pmHZk9RcXGA-3Lg9J-0ELf_vjJIMO5QssVKs62mjq4ZbHb7ORklp34BpQZTB...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=KifziuM1QGqJZ_utFN7h2w2&google_push=AehlK4D7PHtjlhEcu9PbvFQDsdj7pmHZk9RcXGA-3Lg9J-0ELf_vjJIMO5QssVKs62mjq4ZbHb7ORklp34BpQZTBpzUmiFFX3S8n

170 B
188 B

119ms
47ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=KifziuM1QGqJZ_utFN7h2w2&google_push=AehlK4D7PHtjlhEcu9PbvFQDsdj7pmHZk9RcXGA-3Lg9J-0ELf_vjJIMO5QssVKs62mjq4ZbHb7ORklp34BpQZTBpzUmiFFX3S8n

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Jul 2022 15:00:42 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=KifziuM1QGqJZ_utFN7h2w2&google_push=AehlK4D7PHtjlhEcu9PbvFQDsdj7pmHZk9RcXGA-3Lg9J-0ELf_vjJIMO5QssVKs62mjq4ZbHb7ORklp34BpQZTBpzUmiFFX3S8n
x-host: tde-deliveryengine-production-78dd496b74-95qvz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E334
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEO8-OOZKoN7UAIlUoqRJPO8&google_cver=1&google_push=AehlK4DKNRnVPa7KAI-SFqd6cnHnuZgMXf-LF8JR3pD35sVpnfYf9pGTpS7YTGAYeFFA7agqnpjdu_urFocbzo02DRp9Qb...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=YNaCAfZHSLKY8FEo8UdgSQ&google_push=AehlK4DKNRnVPa7KAI-SFqd6cnHnuZgMXf-LF8JR3pD35sVpnfYf9pGTpS7YTGAYeFFA7agqnpjdu_urFocbzo0...

170 B
188 B

104ms
50ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=YNaCAfZHSLKY8FEo8UdgSQ&google_push=AehlK4DKNRnVPa7KAI-SFqd6cnHnuZgMXf-LF8JR3pD35sVpnfYf9pGTpS7YTGAYeFFA7agqnpjdu_urFocbzo02DRp9QbrBRdB_

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=YNaCAfZHSLKY8FEo8UdgSQ&google_push=AehlK4DKNRnVPa7KAI-SFqd6cnHnuZgMXf-LF8JR3pD35sVpnfYf9pGTpS7YTGAYeFFA7agqnpjdu_urFocbzo02DRp9QbrBRdB_
date: Thu, 21 Jul 2022 15:00:42 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E334
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJ3nEhyKLLbOkZ6EkqrKCw0&google_cver=1&google_push=AehlK4Cq7G_4z0gDsY2iVT6y2d1OEI_hVfXGEg_4JaeWRCfiKqVFXzZhnYsA-5T_pnQlIYJUD_...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJ3nEhyKLLbOkZ6EkqrKCw0&google_cver=1&google_push=AehlK4Cq7G_4z0gDsY2iVT6y2d1OEI_hVfXGEg_4JaeWRCfiKqVFXzZhnYsA-5T_pnQlIYJUD_...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1fWjNpQzB0RTJ1SEJLVkl3NFFfX1VrSGtMY2pjcUd1b35B&google_push=AehlK4Cq7G_4z0gDsY2iVT6y2d1OEI_hVfXGEg_4JaeWRCfiKqVFXzZhn...

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1fWjNpQzB0RTJ1SEJLVkl3NFFfX1VrSGtMY2pjcUd1b35B&google_push=AehlK4Cq7G_4z0gDsY2iVT6y2d1OEI_hVfXGEg_4JaeWRCfiKqVFXzZhnYsA-5T_pnQlIYJUD_0c_8NJqgNi3qRpNfUrtLf6jRORhg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1fWjNpQzB0RTJ1SEJLVkl3NFFfX1VrSGtMY2pjcUd1b35B&google_push=AehlK4Cq7G_4z0gDsY2iVT6y2d1OEI_hVfXGEg_4JaeWRCfiKqVFXzZhnYsA-5T_pnQlIYJUD_0c_8NJqgNi3qRpNfUrtLf6jRORhg
date: Thu, 21 Jul 2022 15:00:43 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E334 0
49 B 46ms
45ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQK0bSWqE2dmp9KwZ-Hqfy7db8LJzB84rSKr8avvTKxhsJTAnfUZtGNyg_J54m8_EK3ulLBg

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 206 3412355-46.mp4
images.wcdn.co.il/q_auto,w_700,t_54/3/4/1/2/ 223 KB
224 KB 43ms
42ms Media
video/mp4 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.wcdn.co.il/q_auto,w_700,t_54/3/4/1/2/3412355-46.mp4
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 0df705a535236d14d3e2e6a2d1df27af102c1774e1ecd17dde458ce09bbfae84

Request headers

Referer: https://www.walla.co.il/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=1507328-

Response headers

date: Thu, 21 Jul 2022 13:22:13 GMT
via: 1.1 varnish, 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
age: 5909
edge-cache-tag: 275312491208917376529330783362073292827,292835170494430563060850067344775541485,d2bce9e04f88d43dd8350e859c701704
cache-tag: 275312491208917376529330783362073292827,292835170494430563060850067344775541485,d2bce9e04f88d43dd8350e859c701704
status: 206 Partial Content
x-cache: Hit from cloudfront
Content-Length: 228091
x-request-id: 3a03dee5477e3fe35e97c631c4a141a4
x-ua-compatible: IE=Edge,chrome=1
Content-Range: bytes 1507328-1735418/1735419
last-modified: Thu, 21 Jul 2022 13:22:01 GMT
server: cloudinary
x-timer: S1658409734.858112,VS0,VE1
etag: "735e8080920fd6049a234d4361392047"
x-served-by: cache-lga21949-LGA
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: JNX-YTXX9yrxdgKoJPUj-EDPfWsgfCn1_Efkg66Q6C_9U6oWafwkSA==
x-cache-hits: 1

POST
H2 200 events Show response
khn.crowdad.io/ 0
104 B 56ms
56ms XHR
text/plain 54.72.76.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/events
Requested by: Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.76.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-76-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Thu, 21 Jul 2022 15:00:43 GMT
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 events
khn.crowdad.io/ Frame 0
0 56ms
56ms Preflight 54.72.76.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.76.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-76-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.walla.co.il
content-length: 0
date: Thu, 21 Jul 2022 15:00:42 GMT

GET
DATA 200
OK truncated
/ Frame 1B62 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21832390a7d7bf114e4a5511ea110856f39194e28060ba45ddedb9d0bde17690

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 22CC 2 KB
1 KB 139ms
41ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtlqGgAAk2gKd9SXAA8MuXs7KBAy7QZ3lO4yAQ&u=%7CqsgVBdWIBWL1o3rcbHX0R3H3LckPV9Oa6iqg%2BNzARl4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtKAVZxRZh89CX9LktfiAGaTuU18vUjwelC_vpe3XMMJnlPj5UqoWp0pJiqGR1wlno1p_tamDQcch_ShWo8ylCNTAfnrR5Z1_qkAKlRps_RB11BsoGc47QVIlVNIGg6ss4KSqtM_EHrxt_jwBpeD9weQJ6ksd3rEp4G89BMgY3Ra5yRCDrgTNM5PM2thmT6CSeYOAuwCjpg1qdKZW-TqbFpv62fyxau5y6I1q1kf4CWnQo8ruuZUUYb7u1LAhpm84pGdwQxYipvtNteazabdb_p6cf4EuMJBToFw5TpyIdG7_uc_c5VrVsB-yXryDn14kOrC4E8riUliKZhbic-CJXphvx21sjPQz8D2tvqpInnmwBcI299gF4J4WF1gu3ihXz-HeUR_x_C2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1jesGmrZYuimApep3wO5mbyQCsme0rFc1Z2R93DAjbcBEAEgAGCVkqCCsAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAkFOc2cJGbE-4AIAqAMBqgT4AU_Qui3bkuMF2eaR31Hmm2j8d1nEIVKtFS6y35OaTnQxdH8paOmdYakeWTE7PVlUTlMUBUI5DbTTbVGYH2Mglw6mCNkpSwnSsGoygMrsXnKIpesvm9FrjFnVfufRqqwP1pkmLq4L0fmnjmef6Uyj93PuesxEeOczAi276z9548U7_2TRNAYYgCHSkx_cHcF1joreXWgrRiwm2ws3JtqQYRLUf78Hoh3yo4ZairyPiGBRkp6q0NrJiZ5j41pWrgq9Fge5JTlz_vFSXqqD3M-bCk-hozBdU4QkE43lgQmfasnCoiWp_WevbuEu__Q34N8qvJnz0UKSDqvz4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_24iAeGjMRed0m3IC_OapbDVruk1g%26client%3Dca-pub-4491659496372172%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 22CC 2 KB
1 KB 141ms
43ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 22CC 308 B
636 B 116ms
42ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 22CC 293 B
621 B 117ms
43ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 22CC 43 B
347 B 156ms
46ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=dgh6_cwYC35NjfxFeg-Ooa0mTdq05nnh508VA8Jc7nze3F3qy76Kf4FFGFZyx4xj6l2jTxZ1LwDFmaKLS-KKNRY7moB2_oGflVUaiI-z7lOxNAEDTk5rWWd-0jOyle26qVq-7bbkbaai2URtzZO0DtuXkWoTDp4WJr9UsS2HMe7PrrELa_7kpIdpDNk90XKEV_9_2qjobe4Hv9BKvoS56nGVLSWFrB5ig-AcEjEuHlRkITzOoESRVNe7uiZpWJc_uOBEvYMAobFvp0VKUlKV_PdQ5btlq0ILhhGYsmSJm-x8cqZZh4vOfMlZ9tpjttNKDYjFD03HyrIueS2ihQXcv26C9JLavDPoXcw27z7Aqr35Us9i54UV0ObE2ACzC1_zwOLyMR0mLXH1oc8jHjGg49AB8VU6ybZ7uSQRitOBAQj-lLwG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3208797
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 22CC 0
688 B 304ms
180ms Image
text/plain 2600:9000:223c:c000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1658415642
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtlqGgAAk2gKd9SXAA8MuXs7KBAy7QZ3lO4yAQ&u=%7CqsgVBdWIBWL1o3rcbHX0R3H3LckPV9Oa6iqg%2BNzARl4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeqPULGzE4HXtKAVZxRZh89CX9LktfiAGaTuU18vUjwelC_vpe3XMMJnlPj5UqoWp0pJiqGR1wlno1p_tamDQcch_ShWo8ylCNTAfnrR5Z1_qkAKlRps_RB11BsoGc47QVIlVNIGg6ss4KSqtM_EHrxt_jwBpeD9weQJ6ksd3rEp4G89BMgY3Ra5yRCDrgTNM5PM2thmT6CSeYOAuwCjpg1qdKZW-TqbFpv62fyxau5y6I1q1kf4CWnQo8ruuZUUYb7u1LAhpm84pGdwQxYipvtNteazabdb_p6cf4EuMJBToFw5TpyIdG7_uc_c5VrVsB-yXryDn14kOrC4E8riUliKZhbic-CJXphvx21sjPQz8D2tvqpInnmwBcI299gF4J4WF1gu3ihXz-HeUR_x_C2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1jesGmrZYuimApep3wO5mbyQCsme0rFc1Z2R93DAjbcBEAEgAGCVkqCCsAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAkFOc2cJGbE-4AIAqAMBqgT4AU_Qui3bkuMF2eaR31Hmm2j8d1nEIVKtFS6y35OaTnQxdH8paOmdYakeWTE7PVlUTlMUBUI5DbTTbVGYH2Mglw6mCNkpSwnSsGoygMrsXnKIpesvm9FrjFnVfufRqqwP1pkmLq4L0fmnjmef6Uyj93PuesxEeOczAi276z9548U7_2TRNAYYgCHSkx_cHcF1joreXWgrRiwm2ws3JtqQYRLUf78Hoh3yo4ZairyPiGBRkp6q0NrJiZ5j41pWrgq9Fge5JTlz_vFSXqqD3M-bCk-hozBdU4QkE43lgQmfasnCoiWp_WevbuEu__Q34N8qvJnz0UKSDqvz4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_24iAeGjMRed0m3IC_OapbDVruk1g%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: jiiCyeEa6xU8lBdHy6jpvOenJYYspDXN-nsnTv0arS78NR02sdw5lA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3807 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ba9a1b465ae76696634b8267b47665c9b29f483c2e72f2af1f7201a68e78f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 35BF 624 B
297 B 130ms
51ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhiOj-7LATAB&v=APEucNXj0VqyjJ9whQRaXgY4J9xYANAo0HMam81GsdVezNlsYyDZmMXgE7_46UAYuXyT5lQ3PIj2WvmrrZS7fHt1rVsElJHxh1yhacetrrq19A6_5aFfXKccA-_2bjCUv4VRmmViGMvVLuC1Drb-CeF4r7fa7SLtVl1Lz7dGqnarvv65qdrq-yg

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D961 82 KB
34 KB 199ms
122ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DukT-7y8uNpKX-hzzdfRT7ri7a7a_5BCgnEk_rpDphcGvGR6SlaewNDCQ1NntAN503zzD1hcaBGO1f_vx4XDeX63BgS0fkJT59nHNsajJhrkkYlLOhLcEPVgZlV6bsi6oncMt0307W61dAlxAKu6uCyY9XEQ&dbm_d=AKAmf-DYpvBg3CLD6JbVyzxgiWOh8wMsbbmJKlMUJw26lDk5uiGoTfHzUYfrBWXdG-t2AboMuNXeJHeC4e2WmLGGUsPgGLSFzDrrcocLyjoUMtakuqxGNwSp5L3haNZeaR-nU80IWEjFxxbIF7C0TUT0UPnDyRrk_1lM-OgJzU3YHMgosC45rYx44jPjVfDgqfakutIAokE1pnf3VsZYUHBDiebH1K4S0xMX-6vsQ0D5g2ZIi-7vy4a5JR29klfBQL02K9NtZextJGLswUfqFUPxkUIvWfwXR75RuPzwD-LMisw7tHr3IV6u8VKzBs5NIxiHWkEyRZFTmZUq3ofEzqxSlBvHpRUc6Vi1LAFdOVGfp8Wm5RrsZxHHbovZlRvrwNpct9MccEzcfz59yR4U2H-x1-NGxw_Ubi_Lv-I63W9xZOwWR70gyXTyUpa74Us8v9oXQmn_HeQepZLk28v9EwoNRDfNlmYMF4BG4o1e15f5MNwBioeoCoIPi5cxO9if8KbIuCEiYV5ILe5Ogs78tRrfq1kCMO42bYBgF1twlQYOd1P0Ixesx3cCADXqe7qyQVLMPUH8rzwO7cfi0pA1QyiKCxpgOHVYyhX-l1JtS2UYrlXO3TqfEJaMfV5Yl08ynNYl2RTISkuGzAamYG8HddCiRGeLJYmebPPYk9gH6GOIFG7MLOHu_y9XOPhZOBBKHy47qU2D-1KcO25raE0klnrli_tqzv41EByea0C162jYhyDif13nm6nGF6vxm5pLIwtZCaRyEF8lBSHYsOPRKUUhaM8uFbXIcQxtDv-RLExt6krP0hanDnuxhYY-IsUoWU6wq0QEO3kSSvLFU8gCl6Qnnj3VVF_skbxF7PJGT9DEEwgdX00FcKv7HuWZx82Z_6U8N93O8jeyq1CQivgP4E1BOWCPSrRqFphGYQzSn-KjQY7pzi-e2h_FE3TYLLCGbDtDUeBPebd40QTztMDgyoLx96Mnb6CvyMLMa0u6bvOR-vD1OQG0pfcZXqei9DOe2lw3YtYBxEINvGvcEFjrEzQXALIRQV3dzkYsmFHyU4AdzrllranDpfz06xNUBBmwZFXrMTtUD6TWfgia8FXwkHW0o1j0fuUc5t5_JNUMSax_PAYfPJ8aIlWswKgOGXM5puc0WAb62e9MR0Ji5mcx6TD7X0qy5f8ea4G-y8G9mjqU5BmSyMlq79XL_S8JD4QY-6K726VoJGUroDlakYA1l5awVLEys5jI3NsqXJId11HKDJ0AsIE5pEYDW-uqRSMAip8SzFUuszeVxcSEAkbvME2R2OZt9rHtL9i0utPPf7TjGAe6tavYxrM1B1X4XvJwnsXHRarJkw07__25ek8OkO-Cj_IjwmrBeC18TZSeZGoHARz6YQMTgY98d1AenoPMfdx2_YAuJC6disUXo4DbDfgDtZcTVujGQzZL5NrvDqH5kjvMM-70YraG-CWwk9Ex02LfwTp-Pc3B17qIa1uOiKzqNMQKXU_jhRyzoRx87SR61CTHk-E071BNtOX74NciEV3OKvxEI7aUZmoMaodU-jQ6m_lhOlt9D6L1MSUjt_VnXACoTJQYN9vXdB1kozt3d0IO5K6tSJ3ll03Egkto46P4-yjGsrEuw__Es0ler3G2wy5YyCr5O7rnyLxpTjetKIChVavn_5QYTES5D3Z9ORgzVbIyXRBdPo54clmTCK40nTXLMZlh8MBIIRX3VJGh4d3VB7fFdHZk59q6cYZv0kwqy3i7HB790t9pj_AJqLDMUYbelh7aYqZ72agNmwSprpf6ICkb8c_jR-PEpLVyAi38vjTdeNDnQsM__x1r8x7xziIPOgImXoqhh8JqiToiVZjtGI3HYr_FxhD0BgO8HjDojxBFbsDJXx_VrtGfUXZGK8DcUSJqU6oOMvk8Rt5jT278lhw4gCQBj-iBGAZb1O5l4MRYBD5r0NaZkT_UKCfGcXwkz5f-9mscdjI9bIshXkekRK2iGRPbiKCZ0l7hMooNR6Qm1bRy6Vu51WnqdkwxSLaoUl2w0Y9UzC1a4_XTCHmQcBQ9Cm4lMwvDxlQxbmEERsFuIUdMUp1fAXZv4tcmhMwoAsX-cR-kTyDkG4agM36L-siG3B8cnB7VNJ5MhtVGh9tAcsK0ecE66gn6wwR923Yx2lLfypXPAgX1QiylJv_BNiOtfhc2PQZVciA8AfYMgdRgsSJa5dEZlbL2eZrZ83qeuGXHLgfZIBQVd82rmi8Je4FNnz-1LLQSu5e9QQu09OdmWXxp2XSKoDR9bxRBw7B51stCN4b1PPkHyNM0SwR1HIqFwqUJ8_IrBJsTOsPlAxZahj3T25XjyyZuEkU2Q85kvuSztPOmL0BU7BYohrJQAZxaZrhgii0LsndmDzf9F-OI6ZgpkD2n0S7OZp31DGOQDedpdAxA_OLgjD9gvpqMDL181m2yJRX20tfem_cLf9Vc9tlBkPUOgavcguNjjRfPD3Oz4lGBPDI80RJvcREZc6JSAwwkDaHyB7FzIcm4OXIuMaL0Jo_bPJi9uySDCV3zvUlmEHozgv9TNE48Bw7_gAZ9AGbvDiOqi1QBL3f-N7VTxN7RCwVIajVbUPLXvAWqX14MV9Fs0tQ4mxScY0g-5yAcCu0euT7MPQGseCkEFDFn2nXaUmuSnxRG_GpvWdobmp74v9Xke1lNHQqb8GuARhkFMc0XOlzmHm5MaofaVnV7nS6XTezqRc8O7dYKEQyE7N-9rt7SW6A1YIWhQ5q0cQyUKB2S0yV8xz8eQhHemipj6b8OKtQY9KUL_AU6DwQfeyWRnjO9Z1tnPvj1lRwvE0d2YajbtXIj9CuOzxKofrLLS5m8ZIqzmd2U3muIUAG3lsaUwhmm6S00uLAtBbzXteneH1liNkQmQN9p5CC6KJyvQSjOYGPxgUaXQWl2Rhz3trbzhROftbEtAM8G-kEdum6p_D60vrGgFRR4GZl5e6_INOEd-QjJjzJ8gPpHqopIR5uXo9U0NLMRRgLaGrEMqpF9Tshtcou7DU2_BE6Af2k0825VOYwrIBO5iDYKKuYCGfbSRhnYQIdsDLL_JD-X76GNvJ-yMxEqza5rPHB5b_h3hYgtF8m9zS5VoTF7GUQ6UvPAkr1uup4hNubSgUey2X3v8A3bLdesZA1xS0iHQe8Ud1NqOg&cid=CAASJORoUs3tl79BzfNHQ7SFMtiZXYHOwyZAUNSmyjaAXJWsB13alQ&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ecff9297201f22f93d67df21fbe0159c8703a0f295839cfb5e185911d5627ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34710
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D961 42 B
63 B 155ms
76ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AkjMwEfEaxhHkvnq-NXTD1tzHlbfdNtoRsX0gcWLw1QkpbHmECRoyo3byVS98dBxAtfQwbFR5gADAhhEo289-DpNabS0Ysefz5kcK4gtOu0JWhHak

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame D961 3 KB
1 KB 164ms
78ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:46:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D961 137 KB
42 KB 54ms
50ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:00:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame D961 17 KB
7 KB 141ms
56ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: cafe
etag: 1169380200214664902
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:34:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D961 0
0 49ms
46ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDAaLnjDJTZ8R21jj6gbbEvG89PpjcHWBlMqqU3rjMctzlkU_h0DAjGl1Z18IYfNGQOtdR4slvRR3HN4hU-gWiAO5ZwA
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame B32B 2 KB
1 KB 91ms
44ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtlqGgAAk2kKd9SXAA8MuWTWUO17U5RsUGeQfQ&u=%7CqsgVBdWIBWJ3AMWu6rnXz3jbWBFJv0o2nWVMPbdzidQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANTdjJFUnbHmDAM6gz4XCNH0cuv8kna0byp5hiyOEXCr1oqghP7ak_uWlS66l-xnnsvSniLF6mL5VHfGFKWQvVS_G4Xxb8CcZEKqTCOZ_J3oPQuYmciJP3WZmQQbJ86UvSGZqEMLGacg8a-n9t7BqSiGAMH5-LW3PofGJ0HG7LVukUjNE8qLQs4no1baXhhmNnzwqdI_A3lI97GyoeQk5f56MB9JVluwABM-0pn2Y5B4FJogJvJ1CqJkxCkusal4s9XQYkwAbn2-5agZZidwTct7UT-gfE2vC_WveBPgEReCuqubsfEhHCPnIZkIfmKCzPI5ViMMi4zApmnA0IwlSNOzVRjWG51vsCotzFcd_YNqxbo22mRmDRMN4qEtIwqSkMOt1B4wQEcu-SOkramZ9L54&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR8AFGmrZYummApep3wO5mbyQCsme0rFcxbKY93DAjbcBEAEgAGCVkqCCsAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAkFOc2cJGbE-4AIAqAMBqgSFAk_Qui5_C3ScZpm1VESXlAG9Ocqh-2H9GLJAddI3-tFFiM5Bbp0Gq3VXBU2BD6RL-xaZoCvrrbTHBesQzqgipHCdmfltk0Gehk5wTJKKND0CyoQSol1k5RugtOcboiw-QBcXqnsRTcHkTtm8RuuAYw6j0sUZCujHxNZ73tXDduzsc0jfWMqW_YUkldzqTpqjOLnNww5LlCYlH2YkZHZA4zs7uWQhmF3SSrUO49I7oX11MCkI0QbrOBSUwiYEorzSuKvwnZ8B7R8290kpnDAr7X4OmjbfdmFLpwpiMXizmQyZKyorhEXovhKTiKWCHnNToawNEizOPk36LQG2jn-kBTwrNA7iuOAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0AZ_L3cZ82Jorgy_Mm72p0LMKXvw%26client%3Dca-pub-4491659496372172%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame B32B 2 KB
1 KB 90ms
44ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame B32B 308 B
636 B 53ms
42ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame B32B 293 B
621 B 55ms
45ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame B32B 43 B
348 B 91ms
46ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=efOAqqEvuYWap29nLoUmlgqJPzKz_3pYhKc6l52uHXe47XbnNRYREqBfcHCx5KfoVUIz57Q4uPbP0v_aZqbvRrdqdqeJ9alOjwfSQM03znWJ0u4zZKPIay3vsDeFSEnQ-9fU82f_30vJXvF0siIAL7uOWRj-3-Mkezc8OzhxvRdmxDMfyMpDAdQa_1nsjxYFIs0CmYpqapCDN4Dyr2C7iizh3Z6p3SlqZTObJ2lj_iMyxxI-T0iavJnj7esBaONcllTa19u-HkkWqKyP2luNJn0aVSOg4CwPAIfoqZQ_hCyBPNopF5kU5qDBl7bVvKAkcTiLoRUNfFiSYqU_obfHzHJOS-LLQzkYig02jhL4CUW3kesQ6XJs0bxDIUmENhxpjL51_VQzAEBamzB9lEeKPpTiU8_8N0vBczTIR-qeE7hybUfZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3095656
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame B32B 0
688 B 241ms
181ms Image
text/plain 2600:9000:223c:c000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1658415642
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtlqGgAAk2kKd9SXAA8MuWTWUO17U5RsUGeQfQ&u=%7CqsgVBdWIBWJ3AMWu6rnXz3jbWBFJv0o2nWVMPbdzidQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANTdjJFUnbHmDAM6gz4XCNH0cuv8kna0byp5hiyOEXCr1oqghP7ak_uWlS66l-xnnsvSniLF6mL5VHfGFKWQvVS_G4Xxb8CcZEKqTCOZ_J3oPQuYmciJP3WZmQQbJ86UvSGZqEMLGacg8a-n9t7BqSiGAMH5-LW3PofGJ0HG7LVukUjNE8qLQs4no1baXhhmNnzwqdI_A3lI97GyoeQk5f56MB9JVluwABM-0pn2Y5B4FJogJvJ1CqJkxCkusal4s9XQYkwAbn2-5agZZidwTct7UT-gfE2vC_WveBPgEReCuqubsfEhHCPnIZkIfmKCzPI5ViMMi4zApmnA0IwlSNOzVRjWG51vsCotzFcd_YNqxbo22mRmDRMN4qEtIwqSkMOt1B4wQEcu-SOkramZ9L54&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR8AFGmrZYummApep3wO5mbyQCsme0rFcxbKY93DAjbcBEAEgAGCVkqCCsAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAkFOc2cJGbE-4AIAqAMBqgSFAk_Qui5_C3ScZpm1VESXlAG9Ocqh-2H9GLJAddI3-tFFiM5Bbp0Gq3VXBU2BD6RL-xaZoCvrrbTHBesQzqgipHCdmfltk0Gehk5wTJKKND0CyoQSol1k5RugtOcboiw-QBcXqnsRTcHkTtm8RuuAYw6j0sUZCujHxNZ73tXDduzsc0jfWMqW_YUkldzqTpqjOLnNww5LlCYlH2YkZHZA4zs7uWQhmF3SSrUO49I7oX11MCkI0QbrOBSUwiYEorzSuKvwnZ8B7R8290kpnDAr7X4OmjbfdmFLpwpiMXizmQyZKyorhEXovhKTiKWCHnNToawNEizOPk36LQG2jn-kBTwrNA7iuOAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0AZ_L3cZ82Jorgy_Mm72p0LMKXvw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: 59fR2jgvnemaS3x_97gVPlAKyIFlPz8Zcf-zs5cixQgHTtMxP2Vmfw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 091A 0
0 88ms
87ms Fetch
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBJ_rGmrZYqXoFMSHrASTkIuID8me0rFc9dqW93DAjbcBEAEgAGCVkqCCsAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAkFOc2cJGbE-4AIAqAMBqgT9AU_QDMekR7MhxV9SWxYJZ97H-oxN6zY4Xv3AmhTk9DXA4WLFQQkm7v93BMRdOarztGlk1IlSWWNlmdw_rpl2BlFZ53nuLhcZSqceqPy2XEO7dCAZ7oygL2ojFc9vUftpgMcmHF1VV6f8uDIhWQqF8LEd0CWyjqWeSbby1GPW0rfvOpkGHG7OLP3f1uw_4YCghG0jGcIFaAx-q1aWTMIRYrB2VmO3GeEz2ymainGAUQLkjXF7BqJ5hfILUA2ygpfdKLyEALlt7cgYFbHXHe44LXqF_CjzS0AA-nP454eyTvHSrEbww6TFu9Z-c31sp4F60zw337VIh9Es6SeNCAngBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ5MTY1OTQ5NjM3MjE3Mhjx5hM&sigh=_5XkRAyW414&uach_m=[UACH]&cid=CAQSOwCNIrLMsK4gMFSHnL_gJ-BfHNgy1aSRJ8dH7wPtOYuIIi4M-yuSAqg8FTZy9s5wvUiR3URHM4lhMVHzGAE
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 091A 0
0 156ms
47ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k-b8ELr5RKwCkAOdg2ICAgAAAEStKKCg2KXrUwfGnNMBdxYQGWrZYj4nMET_LsG46rEeABIAAA&wp=YtlqGgAFNCUKiwPEAALIE9aJRzSyiqBzWw2c6w

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
server: Kestrel
server-processing-duration-in-ticks: 303441
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame E31E 183 KB
56 KB 165ms
162ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YtlqGgAFNCUKiwPEAALIE9aJRzSyiqBzWw2c6w&u=%7CqsgVBdWIBWKi3O1T0X3TVeUUA0JKz5vD%2BoyGGIFoFs0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIouYeYmYe5nfpkdENW9zw8__u0H06LL-V3FBZJXfVtEuA5V_UJFWBfkVJviLRjf0LUYDUeBpT2bGc6htSbZT1DbxUsaxnVaf9U0IdwcBJgMihiotlAdIZ9ngN63HIQFFCNKX97iFhRFJXj5-jAo3vfBaOxYfv5FWVeGOw6uiYCKHzNXqaDZ68I1Yk_QJ88wESyUX6P5FD88jGcBMONR8-zcBugrKhsCfEgJa7gXefbLLMAiDv-_5i0E3-f8xOqqm6ATomjGRjdkef2NXBdQZzAEQPQDOWv6XD2t7TUHAyoi7sPAGgSlwnLUD26J744XLRuoCpNczhOUVtc6td2Yuae7cfAtVH1BDjFSJPCji6ayqYa4hIpTQea255ggakl6yVM93DOGQs2yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOowhGmrZYqXoFMSHrASTkIuID8me0rFc9dqW93DAjbcBEAEgAGCVkqCCsAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAkFOc2cJGbE-4AIAqAMBqgSAAk_QDMekR7MhxV9SWxYJZ97H-oxN6zY4Xv3AmhTk9DXA4WLFQQkm7v93BMRdOarztGlk1IlSWWNlmdw_rpl2BlFZ53nuLhcZSqceqPy2XEO7dCAZ7oygL2ojFc9vUftpgMcmHF1VV6f8uDIhWQqF8LEd0CWyjqWeSbby1GPW0rfvOpkGHG7OLP3f1uw_4YCghG0jGcIFaAx-q1aWTMIRYrB2VmO3GeEz2ymainGAUQLkjXF7BqJ5hfILUA2ygpfdKLyEALlt7cgYFbHXHe44LXqF_CjzS0AAuHHZdQA90uJtMFJTE5ljQ99qectmiZn4Z_QKeUf3mf00bI0JG7YYX3jgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0hkbs5D1zACmoIy7Od4rsiJ5JncA%26client%3Dca-pub-4491659496372172%26adurl%3D

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

211a69d4b3e0c255077a0ed99d257e19148a48c60236c5f7aa291b830575e838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:42 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=xAPcOwBNK8yXqon1vI75YClEpUoHuBfDOiK78fDG6f1LQ0tPEu6qbBySUcAaCfnqy6FgSp0A8S50HmCCNdO5Mn5CPS0zq6YO-ROz6sunENIMNbwcHS1KXK0kQMsilb6uNfpDz_xl5SiitNUAIuKMXAXs2_EPq5LSMFHa7t-BktYhRlwb67LOpdzXgNJAybifkBMoAsB5o92r-asUi_rT-Z1Qjwo8fS06xlBeJ7bN-bvqr7kaKt-x97zZ4yLwJX5q32BoLg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 110377196
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 091A 3 KB
1 KB 134ms
78ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:46:43 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B3A9 1 KB
749 B 86ms
38ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 13:34:31 GMT
etag: 48472445140208031
expires: Fri, 22 Jul 2022 13:34:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 091A 137 KB
42 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:00:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 091A 17 KB
7 KB 98ms
44ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: cafe
etag: 1169380200214664902
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:34:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 091A 0
0 46ms
45ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSp4Lk788ZUsJtOGF6GnHn1Njd_hkpzRuP5flomOQxavlvkO-k_KLu-hH_wmso2J0fCQUiVG79DhU1Ab4hs3eghNwAxRg
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 091A 22 KB
7 KB 107ms
53ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 23:30:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jul 2023 23:30:59 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 79F2 624 B
297 B 91ms
50ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUkdFZwuprX3p0Zr_DortzsoV_xzLIWTEA8Y6NyqdP1iyJsm4vQ8wuvVymXDaVP4McffunqzWI1YP-JeiQi0ut6mEiiT_b2EPvXlHyEP5pQQdvPC4nTaiK228laPgs6pgjq5us1xCTWT3ree7Hef4TUU1f2QxxMQjOEsAqc5tOcv7lOVLk

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1F9F 79 KB
33 KB 129ms
89ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BNb-CUofhP6yqVYu5pu4vjR42lf8CEaTDhvWgipmJEIz2lvYxOdCHSft226NTlUGi5SQr-X4MFOfW4mhMb25KMr3CgRa3kK4rqwbaidkcn6L-yzYgIXbB7K-ZfTT6jccKTyVcDrJfQupEsDHKlUsHRLs18kg&dbm_d=AKAmf-AgswO1kOHbT0asOibUkEdJf0TLnJqx9Ha9-ukoQagW30FU_Cy95oBPmKppblZ9AVdhuM85GyqHS-0-QL6b6LgN9zWh5H4mb4E6s8R3A2s9HjO7fcB_1X47JQ95zS0TW4yZ1-Pipy-QDpLqv0TqRUQ2xiG10t9A9DAc4bRx66pHdadAVevZ1s8GXjWKJQMmwVGRqG_GbpOikNsG2O76Br6UNMwPkhpgu8FjbEs8oUAv-qbTXO6ubCtS8NuXinhcFgHM3-PmZfCkQ17v2RO8GEAec-k4TK7xjnVXUwzIb_0DPz3vVWECISWAaYTUtSIItb_vFtrWSxaVLEZYS0eSV2_hGMLbEfvq8uHRLAZcJR4D66B3l9RNI2bxcu7jvR7QlwmYS1dTeNqRSPvXOJgapa_3hmSebozhyH02WF0Rdy4mMXYG6wWfWVAvTYJNXc3t0JKW4uY5o7eNhU4qCae2CBB8aRXDNK4C2jkFEFEu6JIIXWvmdbl3J6xXVa_eGLF_4aNRbrtyIDZwUQMBQIRKnEKzQk8khsNAH8g_efnJjmXYmiZOMH1xztBauOlc_zqsfbgoVB9OWlRGZxGeDEixEyigSEgLFvldAAQ8XxMjHebiV3vkQrOehcuWFiV7a5XMWzQV6doWP6FQ7xuC3lYcSExEVAVgwQ2L3biJYNlfyVotelU1iDeiPEBgjSSbEWAy2-mMNZ5-QFDXfFLSnoFglOOnCXSqaG0Ar7-wjuOelSltgmP5wNQSeJb-bipTmzubHxC6Du8ONk4t_g68mDV-JwNfuiqCOY6PNyL5pWxdxMlWj1JHJ3xz7ADV0Hi5Cp2eCRP6Roxj-pbc6Mhhy_TXMmz3MwV1za_RzOXcalv0IzbbRJZLQF4XIvTF8PhLmYw1YCQcxUzR9J928AeCXMGV6_lV5OFlZ6YOUXIzwgJrxx01PQ_KpAF-tW40nzlJ18StS7NmkCacw501gfEEXnEQbJEswK9EAeVyKCmA72gz7eNsqu7U2W4GgtRypcv0fNFgivjUuHOUG_-NdiGn4Us5-nGl9yv8ytFbiTlTaZxE67qN34cdFGBDZrvU50__bJj2e1EHz1716GjleEG4FOB3dPqkmlnatMlb3cKkDUquF7H4C1-wpmX41dM2DrDXyubpTl9Y_hsSTBvqiHYLtTT3vwYpE1SyQBgKhX6msdzI-a3zZIfDBErGG7CKrRmAlrEsOZoOXChx2hRcft2HmjOrmpHlZNBi59NHpSRRio-SE-422Lg-sXnJiaXlva7q63k9DcnkdHlq4bkyP7HKD7JzHy0L-r-gqToep0U71O2D7gXI7uKtPGxwWtoR7nyKXhMfYR3bn-2cM7rat8wRnb16FY9unzcCAmYsKzOE5kHzJk2NTPr93wTKYUQuKcvOBDnzi0pRpCUC-8ION6PaR2IWs5Z4Jpm1n6CUuFIyZBnelyL1guBrmFEWg4CHf3v8exuXzN03LxWoH94r-8pRV5dZP90gN6O7csbtetlXkyyPo133dPCS7VHFtt-SZ7s2QznKqEVv4V4-muCJRs7cBVJJGz0NNXBHokN5RHuVTxZumY7gd-JyiaJB_LEV8-o0Y5DemNr59Rb0QaLHNoMVjsN7ILRZgPsDIIbk_dcprnoE0lMoGcov_1ULNCXIivQoeBRYTsMpm9LqjVKXKHaOpqp143WNL-6jmZFevY2jESY4pVHG5_FzZYa9l4n5VpHzw-POspXNax9Q2H0hKTm0UawTG7OFXNPf32wxXVhkVzkbO8qiTnhCU-VrQ6DStUxU3sWG3vvDJFAIgwYKZfawAL1Er_gyOfmUGcAFdRFKidvX8wVR2KEF6OIPj3Fhc2jptogKPTwVMG3nB-oFUjlXivu8toEkIwTnCF7L0mXijky2wsIR6Om2tfsBaTSkDCRpP2MxxdLprwBJBYJowrIuewVlKLlvXI88QDBSHe5igidllO9DzoGLQUm-o3z9qvNBrWYogEFCnx2yWADv57ot6FoI-AKbAVge7tehv1Mzb_I9bS1ENKwmvneE6dh0j3VyB0XFdMWDMdfPttCU93g3wUHh4NiN8wk2DrorS80Yspbir__pMeD2n277WgEfIgq5DlNPROHEnWKRtnmq-Rr4ELj1ITT5vrtWWE0b7RAFsKnT1iHolAkk3OjKzyxiXQ0TCNLQeQOaIzLXj5LkQUonstgJqx7CpUTgj-jhj3MC7A4I9iwGkz6wzXhgnkhP2zySn8ZRBQ6Xs6vQO1KpiI8r9jQpS4Aa0Mh8o4svnLaMNsuQGvdRMJvSy3N6T9OoaajE9F6il_ugilo1yTmuVhzYYO4pure2Hq327M4siViaywDI7EnP3fLCQ88FusKvGx7OsGw4r_zGkyfJ7UZT3tDlSpVVqJ44iXh0RkKdLqYVYkFRjtewAq5vdNtdgQeJrO83BWfVJEoM7L4j3akG6CUVwEhbp4dLzwF-nXsBEYb7BybUC4n9e4xyIE1PjIW6t0amNNbz76u5_trJIP3Ysxaa6cPtLLwFKLhO65R2YngB31S60Rq-hvRfl2JzVO6RftGKNTkBgmrmE4EhbLEgokF56B6_DAErC8iSyA8oVDyh6XGxOtP19nKOrE9Z7KgAEtrL_0fcxhem11kpcWNpJ4PPHpGPjPiMdOK8kf_OcBLmDpaigJaUlyVjCiWUhF56GfiULqiOor40Cm6pAF1yIqev_MDMhFNiHKRKz3tzBvti_Jigc3wIgCRAnKS8bO5yv5oZWi2sSI_ODI4u_hpH6ml8Q-yFQEJpu8grGZZc0Hb0j8IruR80fc2TJLnyxGPB2MUTR17XNu-JMjn1Zu7UB8N6QJLY4eKuyaGvgv1b1p1IWGCIvivNCkfBMAIRE8mscE3jQzsHOLbtfniRoFYS_fX5rPPx4Fwx9UfEoeNocGZbyVSg8qM3UZ8EFckFJoGIhF86T4lA6UGjbV50562p6jdCidt0k7EdiB8hXhWqz72PsBb1xIXEXdWGieNLtFUN2BOrNo8y6h3C2KBBMLon2MG0fN0xIZx07XSIea3vcaJ5hQkdONyPe-zfbrYDAr2mz5u7DtuxX4trlDe42RHnDsf2oTWtRUKQpSlbH8CWFA-mWPrAQSPzwLFPiqY&cid=CAASJORogU8WW7v4uQOhX4dOLIA2fly3CoTJtb0GM2CEkVkVjFH4zA&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2334db28fab545e0fbc9057d50fa49433e02457fea4aafd1db2dc3a9b98e70e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33609
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F9F 42 B
63 B 114ms
72ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AxQp1ZdAZUNVhFmzVDaM-oPtTANkZ9ZDxS9sxbkdrpJ1xnJNZazG-iCXplBIpluTsxiUyqv8IajT-HSDnP3mzSqy8HCRbaBNLmtQqY726e_sm1Rak

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 1F9F 3 KB
1 KB 119ms
71ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:46:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F9F 137 KB
42 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:00:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 1F9F 17 KB
7 KB 84ms
37ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: cafe
etag: 1169380200214664902
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:34:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1F9F 0
0 48ms
48ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5ReDrW3w_7x3B-IT_Ob8RFVM91bYFpKTVkVZ2WF21u1LA-9jbXpAgi3pFMkm768NUfX7tNz-NepiARLO_XmdwZOMfxA
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4B58 624 B
297 B 89ms
54ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUkYr9NDTfErrgRmR0ljYRJXzhmmO97HUPjy2ocZFP3Ga1lDzAu7Oo5oxoz0G-zmFCoBAsOs8Ih_T2LK640LwPA9WWlrpPuxlFSG0YpTelCaYwB0IiY9btBtVQxY8nRifcyF-PxMhPootOmHAliRzo_lyhuUtThfNAB75lKkkxf2HDZ4HY

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3D3F 79 KB
33 KB 142ms
107ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzVpCA_CpyuBlQZfLIenbAndMhhRMP750v9UTJPkqBQLlYxawzF_uRkrYHMCBtlFUEoCo5wEgKCn0c6jwFwttUKHABi_OPSV3muGPiHWMtyLC3PP8nmM-XfHwyTcp9Ki0zh0ComM02xWhpSIg7DHjtrutrYw&dbm_d=AKAmf-AN4oNAwr41q_lTP66UdOnEuKpf87Z4nL3saSE0UezjJ4GgkNBtum8ie39j-d3Y8hAVFiuLoC_Z-pfEoD0b7Q7kXIiGc1rkTIH9ZruxUytJo_2vwgqGxyB3XdN7zPXJHp6NJ5NrfigosCaxzHk6dgyd8j-JmS7T1fGKcU0ar0L2vcHRZEeedmQKC-Y_HbXhOb_SyhY3QwMBLX15yMi4pszimBy7t2S28MISPM6dIOwgjVEYlbG9fJZDkqQ4Ix-pqV9iJokV3IlFb0KbwyUAdi5ha9aSfPt9j5IqDW6DKWfPzGDvxmLGVVSfqGijrqbMHNn8ItIj_-HGpEVK1WiNbbLYpBYi2d5o839Ga3kwxmoeJ1RJB_leDdQqaCuD38XQMoXjAK6IJAc5_gffM9RmYmak95JpVY9N3DaVVQtKClZyDJkh3Ea6ce-H_xkuRvzrbr15rDEWwWIQIP9ATnJ8jHFshZ5F3kpWZ1DANRkcSUPM1hBy8ngBAJ3YON995MRlbEXdgILqJJSD2hrZzWQLUtKoMQRtSexIP8mV0cm6xqi2q_PDNrtjBtB9sWjoSTyWkI_i1RBM7mT3NNQQQZefESIseaw7xyATjSVEpyZpR_76NDV_wPaKeCgeJSuETaLREGvd_FwROCvOwJFL-Mg6-Lpjb3px4It8PcYtcrBGDLgbAuIGL7facT-TQO7uIcqr0XbRs8oUOgyN0hFv7iKbbjf4QgLbNX7R-BNdzclx7RekS6564ExdfTdzEAQ4puFV0gvpKNt__qUhibNO81a4BxQYbyt2Ya3CK6GzV81ek6sWNRRkaumW-NMbQrbp3XY-afD4G1FU372WKTboIIFVCCg_vgFBQWi26qA7aYdbe4peh0EnKV6BFLa6wNHy3q7WyggLNv6pZ8Zgq0L83O2adw1F3PJrgTNdz9ghelgCVcjFL6VRlXqaTKPcgemqxnNoraay-HJ6PA9ciYLWtgQMeEl1uXNfBCXTS7N4bV1MYeCWSPHEo3fkyqRX9z0M4hA0htO3QYpxrxEvXs-5yaRk5HpZ1ft9rnlhM0HGqdzGRs9yueLNqpPQILLEw9JJKhuX6Smm_D9_yYfO_qiBf-CwZMl-BmNna3jAkT3yWIajEYjZzTfcKOE7ArPfeWxVTph1HcIy6vAtXuAK8rhd3FOlvnzJjCtVFuXYNrOS2Gm661S9w8wswbb2aLAGehpEee1vRjW5qPhj7DFUpSe8lpYZXoJ6xedWfnPf0CJtMd2zqghviHuATDAYG0Q2uNvU0_NwS3qp5cib-R1lCvuZOBnrpDk_HMAivGS18kGXQH1hp1YZ9PuMmCAw94KDsFnqV-wNvV5wv7x-zC3k4QE-gf-y2H_r8V_QFkFZ3pvzbCSHjn9u-7VrxEQyPFZdrTZTZEG9DBVEHEQck_iwvayCTj-HIk1mQ0Aiwgdffzp7kFjP06emFJ2A9bZku3DUum9qCguiEkfy0RX0FPSKD8BG3ajWSD9JvEHvrl09j_RDJTvqfggSetb_xX9kdtH5nARiDFwST-sCtDw58idbraBq5E5d2Na0mS0JHSfa7cG7CUCQZ8192W-2g2lVcvJ4Tp3u_2JpQBmBiTYq8uyJWHGYWUHGKhMqYuI-AbPooKBwv2JczyGc01KX4rx19d88krC_xjVh_1fsY4KgyBemoVbSArjvTeIrAZ_jxpA0P_pSjLMyLlZTlJEp0JwonDwwYjenPb-UM6zYaHzZdzK6tWJoT-cNSSTil80aXyfskmal08iods6UVzJa0m2___GnkT-8AMwS3n0XM0Iv2oX5PlzLuS5nQ5W5mtDAPKGZa5WIEv5VOuN3dsHOE1bx4p5FANDXKzEsh3wOGHd2IYwuwDr2vES_iVsmsXDTu6rgfbaLXgVxxRvAQB8vXOWerH8oXdPqpgwvNOUF7IGBcuNN8I1kJlIAWxF1Y3W0R_H60Ql8qS6i7D7rTlgc5jcvan7WTEa5zCRZIzrDep0c2xcMiaQasOYHxfobSo8F-ueMD0YZTRs1-hwMWS4TZ5jafHGnVAXDlrG89dwee-ce1tP9ICiU12bsxLTqFxLZ7zBBv0ujPdAYozbif24E1byDKElIjKomk2ESQsiXT0U63x423-WrSjab8rfulyRvcz8rL52HEyDWP2_83dMTk57Kn0ec0RRmIAG0qcn-QR_btmfsm7xJNKtP1nalkd6nQpY6Dk-QSecOqW_lQViSuoUATwMKXJUVRQK3BDEb1ofGKZnbpLXJYhDxPyiprO0uc2e4kegeRqoU9hRWb8QRsNZ9gIiJEA-0JG9VOdpAPV27xRMLFzJApP_T9vXu4zrgjiLIsM41oEzKUA815oIOeeY2sgsB6i7jyLsIGGWZ3i5TFIbYrmoZmIpH1hgbZvzcGi-tc0vwMlp2gm0T8QAjBUvXqc4QftEORUBHHFySbruMbi_V8hGppnbJxAX9jwRBaoaK5qgMWkd8Dcqb-rmtj7x92GmnGFsYmzM-TDcfjvJrTYJ6LHwNyfHxCZjwO1PeOu0tdh5nGCL5Re7RTYyGt3UUcJFVOX_ad9xo-7JXfWpsDTl6t2_WzOpZSg9pEpWHir58PnJ4H2j2n3cGgKyPOyICvRkyptDHM-oZWYmGAcElkfjKXAtWc8enVyYVenYA5hJLlBQcP-rPFOi-4o3c0yVa_z1dbeXL5YHBmc6_TTPUVHn0DZYbNDXxm8BKp-kXy0XYP31W2aubp3-B-g-fPi7UCKyRJvpqWNiZ2QnBor-aFna22aTyM_zjapju5dmSdgNoB1DPbycH_dux3j29ui95nz7kNjgmhbjc5YowMeninyY4gjvtDrCRlta4MrvpEfnYY-7wHqqPyZQh9IcGR0MheYaFZK6Ykb_9RE6laFGI3enfOkuIEfjBea3I6qyVuqGbclQLl7hm3j3845zBdZqk6ZcFac-fIFoY28tf5rqA2LeeCJG1e3H9tRVqxmUbX5irYxJBhsT6rqqJr9faREjD_lSRvFYse-76UHlGMij6teNllQ6Guh_chtRUiztChCvz67sAIb05gkNq_idvblph3NbKRF-yMTxZoCzp3S5AhZGUlVw8zlqBgGkZ0Khqz9ywjZZPA8U7xtfk4Nd5sBuIQa7Vi-LixXB7kCGk434p&cid=CAASJORo-UmabLG5cOX9z_bI7H_vrDreCLOI4PUHDcskyNVySL28jg&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac77e730898f6394c8b4cde5a39ffa67090a9f6d833c34f6c7b1d939474c45d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33755
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D3F 42 B
63 B 111ms
74ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BSS4JK1d6Yr07r6q00aceQdM9ssBoE6zO2Z60LlhQd8Prjp7IbIwKb_mwxGqM5jIaGtGJ1Ke4jxF-nfNytBQo6ANkKXLrGfcouxczyuNRT97X-n6c

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 3D3F 3 KB
1 KB 114ms
71ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:46:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D3F 137 KB
42 KB 67ms
64ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:00:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 3D3F 17 KB
7 KB 104ms
61ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: cafe
etag: 1169380200214664902
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:34:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3D3F 0
0 47ms
45ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTH4KC1Oaz3OZf69bNhbQbYuhUVG5x5s83I9vbgP_54ony08nilXhbuQ3lfLKQxZyNI9x-qeJqHtW9apK6UfKVT_F1ySA
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 22CC 12 KB
6 KB 56ms
54ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 22CC 11 KB
11 KB 144ms
41ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=356&s=RvgLKdjxsCa071ptabsHOAat

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cdeac9e009d394737c133d4f4692a8fe3ee3c88df825af37b647e2610b9082e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28822635
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 11301
expires: Tue, 20 Jun 2023 05:17:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 22CC 1 KB
1 KB 142ms
39ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=400&s=GVnKI3ywx2pDN-sz0JRgKSSP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1259568
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1266
expires: Fri, 05 Aug 2022 04:53:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 22CC 2 KB
2 KB 177ms
74ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoFormel-D-Group-3583DE-2008190935.gif%3Feb%3D1&v=3&w=400&s=DrzYj4BBZ_BeucmSC-VkbH0_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1884243
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1672
expires: Fri, 12 Aug 2022 10:24:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 22CC 2 KB
2 KB 177ms
75ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoFraGround-Fraport-Ground-Services-GmbH-222375DE.gif%3Feb%3D1&v=3&w=400&s=u8QjTuzx4yQwWOjyD8TMxXfP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1961673
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1960
expires: Sat, 13 Aug 2022 07:55:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 22CC 2 KB
2 KB 178ms
76ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoAlfred-Ritter-GmbH-Co-KG-DE.gif%3Feb%3D1&v=3&w=400&s=HXFhq4KEcY8kt-Wdf6xUD0Ka&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3bac61fc760ac2498af0e78daee95f9034520e6f307a8c083003463882ce0c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1828
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 22CC 2 KB
2 KB 179ms
77ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDr-Meindl-u-Partner-Verrechnungsstelle-GmbH-139545DE.gif%3Feb%3D1&v=3&w=400&s=OEC11Z9rjyZetjUjA1x1yYe1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cd5c0df13009943b3fdf4190f148764693d7a0d820d6c76430a5382d154a979e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=168
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1732
expires: Thu, 21 Jul 2022 15:03:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 22CC 1 KB
1 KB 48ms
47ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZEISS-3427DE.gif%3Feb%3D1&v=3&w=400&s=57jpJpXqQqO6aPmte_wy5ihf&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a6c11502463f3445d37d3184cef1016bb3c77dbc12b88636788632bfe5e87b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2062720
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1244
expires: Sun, 14 Aug 2022 11:59:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 22CC 2 KB
2 KB 40ms
39ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=32371
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1584
expires: Fri, 22 Jul 2022 00:00:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 22CC 3 KB
4 KB 47ms
46ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoKNAISCH-CONSULTING-GMBH-170529DE.gif%3Feb%3D1&v=3&w=400&s=NYdBLoBXrshh5KMkQyuPjfqJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

55beea0538c519117fdc2a1dfd8c03f10b55c85acd1122b39ba0dacb724e9e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3508
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 22CC 898 B
1 KB 46ms
46ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FG%2FlogoGKS-Gesellschaft-fur-Kommunikationsservice-mbH-148116DE.gif%3Feb%3D1&v=3&w=400&s=-mxUMyceAgOLfeiqGMGVBA-h&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

46b12afb08dc52a9f50161094e95fc99f08cbb726b869573c640365e1e6b6fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=258711
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 898
expires: Sun, 24 Jul 2022 14:52:35 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 22CC 0
128 B 143ms
41ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=vjNfXwBNK8yXqon1s1fMenL9V1BFKLgz4I1BXVjl7F8vBxGH2kp28F7vlYvF1Om3evivhH_G8scf88esuGpTKQLlaay31trSBTGYzPPTAwPIlmiVyxd7rWGk1iLx-dJ6IUxlcdVUAUfzJd4jfWrvkPsnbLpMnXXt0-uDa0yZP1tPaRceCSyjK4DhCCyTpZpIVIRLJ-K7L_eA6RdZEnieBsRo_1HKIGXVJ460zGrbXMAcTy5MXp9qWORmfuLl3YFhAs-JSvYAvXARTyzu&sds=2&rev=82182&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 21 Jul 2022 15:00:42 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 22CC 2 KB
1 KB 47ms
46ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 22CC 2 KB
1 KB 42ms
42ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000820/module/ 503 B
812 B 65ms
65ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000820/module/singleAnimationOnFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 243bf15c781d6d686555babb3219261199332fd0dfb02bf22bc807d364402d14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
last-modified: Tue, 19 Jul 2022 13:43:54 GMT
server: AkamaiNetStorage
etag: "fcce53bd5995330f97c868d071c9c985:1658240110.470463"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 503
expires: Thu, 21 Jul 2022 19:00:43 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 124ms
124ms Fetch
text/plain 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=b8e65f4a7853b8946b89b4637a0f1e93_1769_1658415642519&tm=2580&eT=0&widgetWidth=865&widgetHeight=328&widgetX=535&widgetY=11298&wRV=2000820&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=941&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
X-TraceId: a72c0436708a8eb7ba109dcfe814f3d1
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 115ms
115ms Fetch
text/plain 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=d3d2fc94d825b79a8540def3fb7eb15f_1769_1658415642599&tm=2588&eT=0&widgetWidth=865&widgetHeight=649&widgetX=535&widgetY=11646&wRV=2000820&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=941&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
X-TraceId: dfc42dbbb59e43d382cd65b2d33d99d0
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 231ms
115ms Fetch
text/plain 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=37b0c2ef573ebdfd450cc5d67d5cb228_1769_1658415642729&tm=2589&eT=0&widgetWidth=865&widgetHeight=311&widgetX=535&widgetY=12315&wRV=2000820&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=941&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
X-TraceId: b7762dd400106bb1538df17ebb4f05c3
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 245ms
122ms Fetch
text/plain 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=7df857e747fc5f0ef7536ea135830f29_1769_1658415642970&tm=2589&eT=0&widgetWidth=865&widgetHeight=328&widgetX=535&widgetY=12646&wRV=2000820&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=941&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
X-TraceId: 44ff15a597b009a9d0556b93fb97addb
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame B32B 12 KB
6 KB 43ms
43ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B32B 1 KB
1 KB 43ms
41ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1259568
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1266
expires: Fri, 05 Aug 2022 04:53:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B32B 2 KB
2 KB 45ms
43ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1961673
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1960
expires: Sat, 13 Aug 2022 07:55:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B32B 2 KB
2 KB 42ms
41ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1884243
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1672
expires: Fri, 12 Aug 2022 10:24:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B32B 2 KB
2 KB 45ms
44ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=32371
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1584
expires: Fri, 22 Jul 2022 00:00:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B32B 2 KB
2 KB 46ms
46ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

cd5c0df13009943b3fdf4190f148764693d7a0d820d6c76430a5382d154a979e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=168
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1732
expires: Thu, 21 Jul 2022 15:03:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B32B 898 B
1 KB 44ms
44ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

46b12afb08dc52a9f50161094e95fc99f08cbb726b869573c640365e1e6b6fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=258711
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 898
expires: Sun, 24 Jul 2022 14:52:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B32B 19 KB
20 KB 45ms
45ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=96&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=596&s=45clepS8yrkQyPzlt9DilbEt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

077deca4d6403481d09410f5975dba17e496fc18fb1af7eb875c53c404a757ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:42 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29439971
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 19853
expires: Tue, 27 Jun 2023 08:46:54 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame B32B 0
127 B 41ms
41ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=5VsKagBNK8yXqon1-BQUTLb5KHwnvrPqUCWrsNeGasv_tn247z36D3xWBpbQ-bZUXADe62k9XZYTGQW460wOGALFVQMbHNCCekQS1eODpJ9CIriq4-kpTl27WSF5A0MbP9fm_rh-iyGhkZqU1ozhERqEXLL0f_bxqo0VSRSzUCUR92ASUwnHyKnIRyOmMyJW0Y-Q5e3ELIZ5VKT7Xc3XOmFH3tzeMLap6C48XnjTYfJWNCahcWV68TB0HVcJWla78rnKYQ&sds=2&rev=82182&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 21 Jul 2022 15:00:43 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B32B 2 KB
1 KB 41ms
41ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame B32B 2 KB
1 KB 43ms
43ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 79F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1

43 B
428 B

63ms
59ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUkdFZwuprX3p0Zr_DortzsoV_xzLIWTEA8Y6NyqdP1iyJsm4vQ8wuvVymXDaVP4McffunqzWI1YP-JeiQi0ut6mEiiT_b2EPvXlHyEP5pQQdvPC4nTaiK228laPgs6pgjq5us1xCTWT3ree7Hef4TUU1f2QxxMQjOEsAqc5tOcv7lOVLk
Protocol: H2
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 72e4cecbdb7a9171-FRA
pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDfPT7TvIwogjzEzMijCiyz6UtJkjjXaZDObg1ZpM6t3%2FTEoXLFJRRgpIiwejl7gyKXv4naZTgLBRBl3%2BrljKiSD44SVqANx%2FCeXiFt2tAr6zc7blzBAlhiWSRV2r2xxcthnQn6ilcr08w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 79F2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtlqGmNDH3nKuhWYH7btgAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1

43 B
944 B

121ms
77ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUkdFZwuprX3p0Zr_DortzsoV_xzLIWTEA8Y6NyqdP1iyJsm4vQ8wuvVymXDaVP4McffunqzWI1YP-JeiQi0ut6mEiiT_b2EPvXlHyEP5pQQdvPC4nTaiK228laPgs6pgjq5us1xCTWT3ree7Hef4TUU1f2QxxMQjOEsAqc5tOcv7lOVLk
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 72e4cecd7dbf924a-FRA
pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmfx0vCnjzHCZUinZlW8UJM90UkfqV%2BMDKqB54tD0CbWXmLxkIqng6%2F7aPiCGducGlp17wNfkHKaiRbLqoMXomjO3ghceAGtSJ57fkQUHbq%2BWdQZH0iHgVVuC5fiv25DY4IGeIlHb5IGDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 79F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG5B75OWZaxQHOGm9nbZkc0&google_cver=1

43 B
1 KB

83ms
46ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG5B75OWZaxQHOGm9nbZkc0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUkdFZwuprX3p0Zr_DortzsoV_xzLIWTEA8Y6NyqdP1iyJsm4vQ8wuvVymXDaVP4McffunqzWI1YP-JeiQi0ut6mEiiT_b2EPvXlHyEP5pQQdvPC4nTaiK228laPgs6pgjq5us1xCTWT3ree7Hef4TUU1f2QxxMQjOEsAqc5tOcv7lOVLk

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:43 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 66d9cada-3a0b-415a-9527-f6f803657f68
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG5B75OWZaxQHOGm9nbZkc0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 79F2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwMTgyMzU0OTcxMzMxMzYxNA%3D%3D

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwMTgyMzU0OTcxMzMxMzYxNA%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:43 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0ea3ef4f-b8e4-4d05-b578-dc2dbeeb6294
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwMTgyMzU0OTcxMzMxMzYxNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 35BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1

43 B
419 B

64ms
60ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhiOj-7LATAB&v=APEucNXj0VqyjJ9whQRaXgY4J9xYANAo0HMam81GsdVezNlsYyDZmMXgE7_46UAYuXyT5lQ3PIj2WvmrrZS7fHt1rVsElJHxh1yhacetrrq19A6_5aFfXKccA-_2bjCUv4VRmmViGMvVLuC1Drb-CeF4r7fa7SLtVl1Lz7dGqnarvv65qdrq-yg
Protocol: H2
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 72e4cecbdb7c9171-FRA
pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4pjvLEgsPrM3NiS%2BeX9GsmwyfhY5400fcMUtydBZtnkaTa2yZr%2BtgTG1%2FVahsJa7Ozk3LI9jFKotmRcBYAzYAcxGWDorVJZvWHm5ymTalmJn%2BRUgrm5ah1x0jsX%2BLy5bNk5yf1zqx4iH8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 35BF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtlqGmNDH3nKuhWYH7btgAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1

43 B
906 B

63ms
63ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhiOj-7LATAB&v=APEucNXj0VqyjJ9whQRaXgY4J9xYANAo0HMam81GsdVezNlsYyDZmMXgE7_46UAYuXyT5lQ3PIj2WvmrrZS7fHt1rVsElJHxh1yhacetrrq19A6_5aFfXKccA-_2bjCUv4VRmmViGMvVLuC1Drb-CeF4r7fa7SLtVl1Lz7dGqnarvv65qdrq-yg
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 72e4cecdde5d924a-FRA
pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lI9LTOz9gIvoqdHYVdfVePc7C7AVFJsjaiIWDoPo689fTFuONed21K%2F2vD%2Fr1KOEXIv7iVPoziraSIj4XQvqlzG46BJE3B8kOykDpRr1C5g9vi7dLHQkvUk3No0sOGNFsrvtyy2vPorJJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 35BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG5B75OWZaxQHOGm9nbZkc0&google_cver=1

43 B
1 KB

131ms
44ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG5B75OWZaxQHOGm9nbZkc0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNXBERCuvK_DAhiOj-7LATAB&v=APEucNXj0VqyjJ9whQRaXgY4J9xYANAo0HMam81GsdVezNlsYyDZmMXgE7_46UAYuXyT5lQ3PIj2WvmrrZS7fHt1rVsElJHxh1yhacetrrq19A6_5aFfXKccA-_2bjCUv4VRmmViGMvVLuC1Drb-CeF4r7fa7SLtVl1Lz7dGqnarvv65qdrq-yg

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:43 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 54c78ade-b772-40ba-b334-2d3ad0b7f0b0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG5B75OWZaxQHOGm9nbZkc0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 35BF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwMTgyMzU0OTcxMzMxMzYxNA%3D%3D

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwMTgyMzU0OTcxMzMxMzYxNA%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:43 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5dd453c3-42d8-4f54-b675-dcdd4f4f227a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwMTgyMzU0OTcxMzMxMzYxNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 4B58
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1

43 B
421 B

77ms
74ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUkYr9NDTfErrgRmR0ljYRJXzhmmO97HUPjy2ocZFP3Ga1lDzAu7Oo5oxoz0G-zmFCoBAsOs8Ih_T2LK640LwPA9WWlrpPuxlFSG0YpTelCaYwB0IiY9btBtVQxY8nRifcyF-PxMhPootOmHAliRzo_lyhuUtThfNAB75lKkkxf2HDZ4HY
Protocol: H2
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 72e4cecbebb59171-FRA
pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfDXiQF0uytw2tPDm4ks8D%2BWRsnuuFeYqTaPohA%2BZGyT3cIvxQH%2F796hQQCfXPwg2uuwn649yL8becOcSb1zuEnmqcD9OtVluPYoGPG686KS64bEi3%2FRrojlaRDORaglJM%2FJwRlv%2BFOtcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4B58
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtlqGmNDH3nKuhWYH7btgAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1

43 B
913 B

129ms
84ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUkYr9NDTfErrgRmR0ljYRJXzhmmO97HUPjy2ocZFP3Ga1lDzAu7Oo5oxoz0G-zmFCoBAsOs8Ih_T2LK640LwPA9WWlrpPuxlFSG0YpTelCaYwB0IiY9btBtVQxY8nRifcyF-PxMhPootOmHAliRzo_lyhuUtThfNAB75lKkkxf2HDZ4HY
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 72e4cecd7dc1924a-FRA
pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EydkCKi1c0JRUmYv3uNQ720dLZ5xqNBBXNy5IrsBEw%2Fa9BvgBvXBd9NgFQP%2BXpy7CaBlquYuNKoJ3L148K%2BT8eUZHs9sEdJEKsDeRjCEZQHG9D9mtGJWO8MjP%2F%2B3PqosA%2FvgzhjDgt09gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3Qxt6BKR0n1KoZRP0ufT4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4B58
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG5B75OWZaxQHOGm9nbZkc0&google_cver=1

43 B
1 KB

124ms
44ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG5B75OWZaxQHOGm9nbZkc0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUkYr9NDTfErrgRmR0ljYRJXzhmmO97HUPjy2ocZFP3Ga1lDzAu7Oo5oxoz0G-zmFCoBAsOs8Ih_T2LK640LwPA9WWlrpPuxlFSG0YpTelCaYwB0IiY9btBtVQxY8nRifcyF-PxMhPootOmHAliRzo_lyhuUtThfNAB75lKkkxf2HDZ4HY

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:43 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fc8818c7-22a4-4dad-9159-af49a18d1614
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG5B75OWZaxQHOGm9nbZkc0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B58
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwMTgyMzU0OTcxMzMxMzYxNA%3D%3D

170 B
188 B

48ms
47ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwMTgyMzU0OTcxMzMxMzYxNA%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:43 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 30c4375d-1682-4d0a-ad9c-efa1357e938b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUwMTgyMzU0OTcxMzMxMzYxNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 1F9F 106 KB
37 KB 160ms
83ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Origin: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 08:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Jul 2022 08:39:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/ Frame 1F9F 8 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BNb-CUofhP6yqVYu5pu4vjR42lf8CEaTDhvWgipmJEIz2lvYxOdCHSft226NTlUGi5SQr-X4MFOfW4mhMb25KMr3CgRa3kK4rqwbaidkcn6L-yzYgIXbB7K-ZfTT6jccKTyVcDrJfQupEsDHKlUsHRLs18kg&dbm_d=AKAmf-AgswO1kOHbT0asOibUkEdJf0TLnJqx9Ha9-ukoQagW30FU_Cy95oBPmKppblZ9AVdhuM85GyqHS-0-QL6b6LgN9zWh5H4mb4E6s8R3A2s9HjO7fcB_1X47JQ95zS0TW4yZ1-Pipy-QDpLqv0TqRUQ2xiG10t9A9DAc4bRx66pHdadAVevZ1s8GXjWKJQMmwVGRqG_GbpOikNsG2O76Br6UNMwPkhpgu8FjbEs8oUAv-qbTXO6ubCtS8NuXinhcFgHM3-PmZfCkQ17v2RO8GEAec-k4TK7xjnVXUwzIb_0DPz3vVWECISWAaYTUtSIItb_vFtrWSxaVLEZYS0eSV2_hGMLbEfvq8uHRLAZcJR4D66B3l9RNI2bxcu7jvR7QlwmYS1dTeNqRSPvXOJgapa_3hmSebozhyH02WF0Rdy4mMXYG6wWfWVAvTYJNXc3t0JKW4uY5o7eNhU4qCae2CBB8aRXDNK4C2jkFEFEu6JIIXWvmdbl3J6xXVa_eGLF_4aNRbrtyIDZwUQMBQIRKnEKzQk8khsNAH8g_efnJjmXYmiZOMH1xztBauOlc_zqsfbgoVB9OWlRGZxGeDEixEyigSEgLFvldAAQ8XxMjHebiV3vkQrOehcuWFiV7a5XMWzQV6doWP6FQ7xuC3lYcSExEVAVgwQ2L3biJYNlfyVotelU1iDeiPEBgjSSbEWAy2-mMNZ5-QFDXfFLSnoFglOOnCXSqaG0Ar7-wjuOelSltgmP5wNQSeJb-bipTmzubHxC6Du8ONk4t_g68mDV-JwNfuiqCOY6PNyL5pWxdxMlWj1JHJ3xz7ADV0Hi5Cp2eCRP6Roxj-pbc6Mhhy_TXMmz3MwV1za_RzOXcalv0IzbbRJZLQF4XIvTF8PhLmYw1YCQcxUzR9J928AeCXMGV6_lV5OFlZ6YOUXIzwgJrxx01PQ_KpAF-tW40nzlJ18StS7NmkCacw501gfEEXnEQbJEswK9EAeVyKCmA72gz7eNsqu7U2W4GgtRypcv0fNFgivjUuHOUG_-NdiGn4Us5-nGl9yv8ytFbiTlTaZxE67qN34cdFGBDZrvU50__bJj2e1EHz1716GjleEG4FOB3dPqkmlnatMlb3cKkDUquF7H4C1-wpmX41dM2DrDXyubpTl9Y_hsSTBvqiHYLtTT3vwYpE1SyQBgKhX6msdzI-a3zZIfDBErGG7CKrRmAlrEsOZoOXChx2hRcft2HmjOrmpHlZNBi59NHpSRRio-SE-422Lg-sXnJiaXlva7q63k9DcnkdHlq4bkyP7HKD7JzHy0L-r-gqToep0U71O2D7gXI7uKtPGxwWtoR7nyKXhMfYR3bn-2cM7rat8wRnb16FY9unzcCAmYsKzOE5kHzJk2NTPr93wTKYUQuKcvOBDnzi0pRpCUC-8ION6PaR2IWs5Z4Jpm1n6CUuFIyZBnelyL1guBrmFEWg4CHf3v8exuXzN03LxWoH94r-8pRV5dZP90gN6O7csbtetlXkyyPo133dPCS7VHFtt-SZ7s2QznKqEVv4V4-muCJRs7cBVJJGz0NNXBHokN5RHuVTxZumY7gd-JyiaJB_LEV8-o0Y5DemNr59Rb0QaLHNoMVjsN7ILRZgPsDIIbk_dcprnoE0lMoGcov_1ULNCXIivQoeBRYTsMpm9LqjVKXKHaOpqp143WNL-6jmZFevY2jESY4pVHG5_FzZYa9l4n5VpHzw-POspXNax9Q2H0hKTm0UawTG7OFXNPf32wxXVhkVzkbO8qiTnhCU-VrQ6DStUxU3sWG3vvDJFAIgwYKZfawAL1Er_gyOfmUGcAFdRFKidvX8wVR2KEF6OIPj3Fhc2jptogKPTwVMG3nB-oFUjlXivu8toEkIwTnCF7L0mXijky2wsIR6Om2tfsBaTSkDCRpP2MxxdLprwBJBYJowrIuewVlKLlvXI88QDBSHe5igidllO9DzoGLQUm-o3z9qvNBrWYogEFCnx2yWADv57ot6FoI-AKbAVge7tehv1Mzb_I9bS1ENKwmvneE6dh0j3VyB0XFdMWDMdfPttCU93g3wUHh4NiN8wk2DrorS80Yspbir__pMeD2n277WgEfIgq5DlNPROHEnWKRtnmq-Rr4ELj1ITT5vrtWWE0b7RAFsKnT1iHolAkk3OjKzyxiXQ0TCNLQeQOaIzLXj5LkQUonstgJqx7CpUTgj-jhj3MC7A4I9iwGkz6wzXhgnkhP2zySn8ZRBQ6Xs6vQO1KpiI8r9jQpS4Aa0Mh8o4svnLaMNsuQGvdRMJvSy3N6T9OoaajE9F6il_ugilo1yTmuVhzYYO4pure2Hq327M4siViaywDI7EnP3fLCQ88FusKvGx7OsGw4r_zGkyfJ7UZT3tDlSpVVqJ44iXh0RkKdLqYVYkFRjtewAq5vdNtdgQeJrO83BWfVJEoM7L4j3akG6CUVwEhbp4dLzwF-nXsBEYb7BybUC4n9e4xyIE1PjIW6t0amNNbz76u5_trJIP3Ysxaa6cPtLLwFKLhO65R2YngB31S60Rq-hvRfl2JzVO6RftGKNTkBgmrmE4EhbLEgokF56B6_DAErC8iSyA8oVDyh6XGxOtP19nKOrE9Z7KgAEtrL_0fcxhem11kpcWNpJ4PPHpGPjPiMdOK8kf_OcBLmDpaigJaUlyVjCiWUhF56GfiULqiOor40Cm6pAF1yIqev_MDMhFNiHKRKz3tzBvti_Jigc3wIgCRAnKS8bO5yv5oZWi2sSI_ODI4u_hpH6ml8Q-yFQEJpu8grGZZc0Hb0j8IruR80fc2TJLnyxGPB2MUTR17XNu-JMjn1Zu7UB8N6QJLY4eKuyaGvgv1b1p1IWGCIvivNCkfBMAIRE8mscE3jQzsHOLbtfniRoFYS_fX5rPPx4Fwx9UfEoeNocGZbyVSg8qM3UZ8EFckFJoGIhF86T4lA6UGjbV50562p6jdCidt0k7EdiB8hXhWqz72PsBb1xIXEXdWGieNLtFUN2BOrNo8y6h3C2KBBMLon2MG0fN0xIZx07XSIea3vcaJ5hQkdONyPe-zfbrYDAr2mz5u7DtuxX4trlDe42RHnDsf2oTWtRUKQpSlbH8CWFA-mWPrAQSPzwLFPiqY&cid=CAASJORogU8WW7v4uQOhX4dOLIA2fly3CoTJtb0GM2CEkVkVjFH4zA&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:57:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:57:50 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/ Frame 1F9F 27 KB
10 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18091a39db3bc6d68a187de5d46d8f28e49beb8d9431e9c8e5e9db7cb071dc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10561
x-xss-protection: 0
server: cafe
etag: 14610481443806215460
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:59:13 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3D3F 106 KB
37 KB 105ms
39ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Origin: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 08:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Jul 2022 08:39:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/ Frame 3D3F 8 KB
3 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzVpCA_CpyuBlQZfLIenbAndMhhRMP750v9UTJPkqBQLlYxawzF_uRkrYHMCBtlFUEoCo5wEgKCn0c6jwFwttUKHABi_OPSV3muGPiHWMtyLC3PP8nmM-XfHwyTcp9Ki0zh0ComM02xWhpSIg7DHjtrutrYw&dbm_d=AKAmf-AN4oNAwr41q_lTP66UdOnEuKpf87Z4nL3saSE0UezjJ4GgkNBtum8ie39j-d3Y8hAVFiuLoC_Z-pfEoD0b7Q7kXIiGc1rkTIH9ZruxUytJo_2vwgqGxyB3XdN7zPXJHp6NJ5NrfigosCaxzHk6dgyd8j-JmS7T1fGKcU0ar0L2vcHRZEeedmQKC-Y_HbXhOb_SyhY3QwMBLX15yMi4pszimBy7t2S28MISPM6dIOwgjVEYlbG9fJZDkqQ4Ix-pqV9iJokV3IlFb0KbwyUAdi5ha9aSfPt9j5IqDW6DKWfPzGDvxmLGVVSfqGijrqbMHNn8ItIj_-HGpEVK1WiNbbLYpBYi2d5o839Ga3kwxmoeJ1RJB_leDdQqaCuD38XQMoXjAK6IJAc5_gffM9RmYmak95JpVY9N3DaVVQtKClZyDJkh3Ea6ce-H_xkuRvzrbr15rDEWwWIQIP9ATnJ8jHFshZ5F3kpWZ1DANRkcSUPM1hBy8ngBAJ3YON995MRlbEXdgILqJJSD2hrZzWQLUtKoMQRtSexIP8mV0cm6xqi2q_PDNrtjBtB9sWjoSTyWkI_i1RBM7mT3NNQQQZefESIseaw7xyATjSVEpyZpR_76NDV_wPaKeCgeJSuETaLREGvd_FwROCvOwJFL-Mg6-Lpjb3px4It8PcYtcrBGDLgbAuIGL7facT-TQO7uIcqr0XbRs8oUOgyN0hFv7iKbbjf4QgLbNX7R-BNdzclx7RekS6564ExdfTdzEAQ4puFV0gvpKNt__qUhibNO81a4BxQYbyt2Ya3CK6GzV81ek6sWNRRkaumW-NMbQrbp3XY-afD4G1FU372WKTboIIFVCCg_vgFBQWi26qA7aYdbe4peh0EnKV6BFLa6wNHy3q7WyggLNv6pZ8Zgq0L83O2adw1F3PJrgTNdz9ghelgCVcjFL6VRlXqaTKPcgemqxnNoraay-HJ6PA9ciYLWtgQMeEl1uXNfBCXTS7N4bV1MYeCWSPHEo3fkyqRX9z0M4hA0htO3QYpxrxEvXs-5yaRk5HpZ1ft9rnlhM0HGqdzGRs9yueLNqpPQILLEw9JJKhuX6Smm_D9_yYfO_qiBf-CwZMl-BmNna3jAkT3yWIajEYjZzTfcKOE7ArPfeWxVTph1HcIy6vAtXuAK8rhd3FOlvnzJjCtVFuXYNrOS2Gm661S9w8wswbb2aLAGehpEee1vRjW5qPhj7DFUpSe8lpYZXoJ6xedWfnPf0CJtMd2zqghviHuATDAYG0Q2uNvU0_NwS3qp5cib-R1lCvuZOBnrpDk_HMAivGS18kGXQH1hp1YZ9PuMmCAw94KDsFnqV-wNvV5wv7x-zC3k4QE-gf-y2H_r8V_QFkFZ3pvzbCSHjn9u-7VrxEQyPFZdrTZTZEG9DBVEHEQck_iwvayCTj-HIk1mQ0Aiwgdffzp7kFjP06emFJ2A9bZku3DUum9qCguiEkfy0RX0FPSKD8BG3ajWSD9JvEHvrl09j_RDJTvqfggSetb_xX9kdtH5nARiDFwST-sCtDw58idbraBq5E5d2Na0mS0JHSfa7cG7CUCQZ8192W-2g2lVcvJ4Tp3u_2JpQBmBiTYq8uyJWHGYWUHGKhMqYuI-AbPooKBwv2JczyGc01KX4rx19d88krC_xjVh_1fsY4KgyBemoVbSArjvTeIrAZ_jxpA0P_pSjLMyLlZTlJEp0JwonDwwYjenPb-UM6zYaHzZdzK6tWJoT-cNSSTil80aXyfskmal08iods6UVzJa0m2___GnkT-8AMwS3n0XM0Iv2oX5PlzLuS5nQ5W5mtDAPKGZa5WIEv5VOuN3dsHOE1bx4p5FANDXKzEsh3wOGHd2IYwuwDr2vES_iVsmsXDTu6rgfbaLXgVxxRvAQB8vXOWerH8oXdPqpgwvNOUF7IGBcuNN8I1kJlIAWxF1Y3W0R_H60Ql8qS6i7D7rTlgc5jcvan7WTEa5zCRZIzrDep0c2xcMiaQasOYHxfobSo8F-ueMD0YZTRs1-hwMWS4TZ5jafHGnVAXDlrG89dwee-ce1tP9ICiU12bsxLTqFxLZ7zBBv0ujPdAYozbif24E1byDKElIjKomk2ESQsiXT0U63x423-WrSjab8rfulyRvcz8rL52HEyDWP2_83dMTk57Kn0ec0RRmIAG0qcn-QR_btmfsm7xJNKtP1nalkd6nQpY6Dk-QSecOqW_lQViSuoUATwMKXJUVRQK3BDEb1ofGKZnbpLXJYhDxPyiprO0uc2e4kegeRqoU9hRWb8QRsNZ9gIiJEA-0JG9VOdpAPV27xRMLFzJApP_T9vXu4zrgjiLIsM41oEzKUA815oIOeeY2sgsB6i7jyLsIGGWZ3i5TFIbYrmoZmIpH1hgbZvzcGi-tc0vwMlp2gm0T8QAjBUvXqc4QftEORUBHHFySbruMbi_V8hGppnbJxAX9jwRBaoaK5qgMWkd8Dcqb-rmtj7x92GmnGFsYmzM-TDcfjvJrTYJ6LHwNyfHxCZjwO1PeOu0tdh5nGCL5Re7RTYyGt3UUcJFVOX_ad9xo-7JXfWpsDTl6t2_WzOpZSg9pEpWHir58PnJ4H2j2n3cGgKyPOyICvRkyptDHM-oZWYmGAcElkfjKXAtWc8enVyYVenYA5hJLlBQcP-rPFOi-4o3c0yVa_z1dbeXL5YHBmc6_TTPUVHn0DZYbNDXxm8BKp-kXy0XYP31W2aubp3-B-g-fPi7UCKyRJvpqWNiZ2QnBor-aFna22aTyM_zjapju5dmSdgNoB1DPbycH_dux3j29ui95nz7kNjgmhbjc5YowMeninyY4gjvtDrCRlta4MrvpEfnYY-7wHqqPyZQh9IcGR0MheYaFZK6Ykb_9RE6laFGI3enfOkuIEfjBea3I6qyVuqGbclQLl7hm3j3845zBdZqk6ZcFac-fIFoY28tf5rqA2LeeCJG1e3H9tRVqxmUbX5irYxJBhsT6rqqJr9faREjD_lSRvFYse-76UHlGMij6teNllQ6Guh_chtRUiztChCvz67sAIb05gkNq_idvblph3NbKRF-yMTxZoCzp3S5AhZGUlVw8zlqBgGkZ0Khqz9ywjZZPA8U7xtfk4Nd5sBuIQa7Vi-LixXB7kCGk434p&cid=CAASJORo-UmabLG5cOX9z_bI7H_vrDreCLOI4PUHDcskyNVySL28jg&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:57:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:57:50 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/ Frame 3D3F 27 KB
10 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18091a39db3bc6d68a187de5d46d8f28e49beb8d9431e9c8e5e9db7cb071dc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10561
x-xss-protection: 0
server: cafe
etag: 14610481443806215460
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:59:13 GMT

GET
DATA 200
OK truncated
/ Frame 091A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b17c083d86a4756abc397b7b7d90668cf4c472bcef0bd385e892f4e6a31256a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E31E 2 KB
1 KB 45ms
44ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtlqGgAFNCUKiwPEAALIE9aJRzSyiqBzWw2c6w&u=%7CqsgVBdWIBWKi3O1T0X3TVeUUA0JKz5vD%2BoyGGIFoFs0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIouYeYmYe5nfpkdENW9zw8__u0H06LL-V3FBZJXfVtEuA5V_UJFWBfkVJviLRjf0LUYDUeBpT2bGc6htSbZT1DbxUsaxnVaf9U0IdwcBJgMihiotlAdIZ9ngN63HIQFFCNKX97iFhRFJXj5-jAo3vfBaOxYfv5FWVeGOw6uiYCKHzNXqaDZ68I1Yk_QJ88wESyUX6P5FD88jGcBMONR8-zcBugrKhsCfEgJa7gXefbLLMAiDv-_5i0E3-f8xOqqm6ATomjGRjdkef2NXBdQZzAEQPQDOWv6XD2t7TUHAyoi7sPAGgSlwnLUD26J744XLRuoCpNczhOUVtc6td2Yuae7cfAtVH1BDjFSJPCji6ayqYa4hIpTQea255ggakl6yVM93DOGQs2yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOowhGmrZYqXoFMSHrASTkIuID8me0rFc9dqW93DAjbcBEAEgAGCVkqCCsAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAkFOc2cJGbE-4AIAqAMBqgSAAk_QDMekR7MhxV9SWxYJZ97H-oxN6zY4Xv3AmhTk9DXA4WLFQQkm7v93BMRdOarztGlk1IlSWWNlmdw_rpl2BlFZ53nuLhcZSqceqPy2XEO7dCAZ7oygL2ojFc9vUftpgMcmHF1VV6f8uDIhWQqF8LEd0CWyjqWeSbby1GPW0rfvOpkGHG7OLP3f1uw_4YCghG0jGcIFaAx-q1aWTMIRYrB2VmO3GeEz2ymainGAUQLkjXF7BqJ5hfILUA2ygpfdKLyEALlt7cgYFbHXHe44LXqF_CjzS0AAuHHZdQA90uJtMFJTE5ljQ99qectmiZn4Z_QKeUf3mf00bI0JG7YYX3jgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0hkbs5D1zACmoIy7Od4rsiJ5JncA%26client%3Dca-pub-4491659496372172%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame E31E 2 KB
1 KB 41ms
41ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E31E 308 B
636 B 45ms
41ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame E31E 293 B
621 B 44ms
40ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame E31E 43 B
347 B 49ms
46ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=sKZ9SblkCGb828bNeiVoBjvt03lcWhm11LfiHQ46URmdQxMJ08-Wf7uIh--Qwv4C6vQttpPZbbV7U87FnU7dhbjWmtZ-X-HT-yYHsakNcOxZ7paZKy7PbNSxmATq-v7OdfiYHFDJEr41z-kTk7Dt2_jpKJHk6lZcrpepMi2zmw6i2i2vldWen90bmc5Rhtwf3NVKZcBldPRxlCSddfUDQHsGnJXwTIgvxS-j22rsk7HQ_6X356Ed4N7VkcWLrA4I9biETZFihSia5pSWcIyX1FCnZD3SQKkVsRv2OvKSnS6X8OifUyaJAnSpo5jZ5FLXG-ez5edU8MX9fVGKwsRP96M3vmG9pT4kQsT2obhiNPS6J8FuSXOwtkL4t8eiKvyxNLxzMddyR1TIAFS3VtU7frbbMaj4c1MVIpkmbrA1OxGC_DiM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:42 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4503223
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame E31E 0
687 B 186ms
183ms Image
text/plain 2600:9000:223c:c000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1658415642
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YtlqGgAFNCUKiwPEAALIE9aJRzSyiqBzWw2c6w&u=%7CqsgVBdWIBWKi3O1T0X3TVeUUA0JKz5vD%2BoyGGIFoFs0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T_7v7MIbxeCIouYeYmYe5nfpkdENW9zw8__u0H06LL-V3FBZJXfVtEuA5V_UJFWBfkVJviLRjf0LUYDUeBpT2bGc6htSbZT1DbxUsaxnVaf9U0IdwcBJgMihiotlAdIZ9ngN63HIQFFCNKX97iFhRFJXj5-jAo3vfBaOxYfv5FWVeGOw6uiYCKHzNXqaDZ68I1Yk_QJ88wESyUX6P5FD88jGcBMONR8-zcBugrKhsCfEgJa7gXefbLLMAiDv-_5i0E3-f8xOqqm6ATomjGRjdkef2NXBdQZzAEQPQDOWv6XD2t7TUHAyoi7sPAGgSlwnLUD26J744XLRuoCpNczhOUVtc6td2Yuae7cfAtVH1BDjFSJPCji6ayqYa4hIpTQea255ggakl6yVM93DOGQs2yI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOowhGmrZYqXoFMSHrASTkIuID8me0rFc9dqW93DAjbcBEAEgAGCVkqCCsAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MqAB1bbS6gPIAQmpAkFOc2cJGbE-4AIAqAMBqgSAAk_QDMekR7MhxV9SWxYJZ97H-oxN6zY4Xv3AmhTk9DXA4WLFQQkm7v93BMRdOarztGlk1IlSWWNlmdw_rpl2BlFZ53nuLhcZSqceqPy2XEO7dCAZ7oygL2ojFc9vUftpgMcmHF1VV6f8uDIhWQqF8LEd0CWyjqWeSbby1GPW0rfvOpkGHG7OLP3f1uw_4YCghG0jGcIFaAx-q1aWTMIRYrB2VmO3GeEz2ymainGAUQLkjXF7BqJ5hfILUA2ygpfdKLyEALlt7cgYFbHXHe44LXqF_CjzS0AAuHHZdQA90uJtMFJTE5ljQ99qectmiZn4Z_QKeUf3mf00bI0JG7YYX3jgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0hkbs5D1zACmoIy7Od4rsiJ5JncA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: oz1o1iBu4W9Elcc7S92Dpmb0GslvCT-0cpeMVTMX1PkA5LW9VzmcUA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame D961 170 KB
59 KB 73ms
37ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Origin: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 17:51:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76174
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Jul 2022 17:51:09 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/ Frame D961 8 KB
3 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DukT-7y8uNpKX-hzzdfRT7ri7a7a_5BCgnEk_rpDphcGvGR6SlaewNDCQ1NntAN503zzD1hcaBGO1f_vx4XDeX63BgS0fkJT59nHNsajJhrkkYlLOhLcEPVgZlV6bsi6oncMt0307W61dAlxAKu6uCyY9XEQ&dbm_d=AKAmf-DYpvBg3CLD6JbVyzxgiWOh8wMsbbmJKlMUJw26lDk5uiGoTfHzUYfrBWXdG-t2AboMuNXeJHeC4e2WmLGGUsPgGLSFzDrrcocLyjoUMtakuqxGNwSp5L3haNZeaR-nU80IWEjFxxbIF7C0TUT0UPnDyRrk_1lM-OgJzU3YHMgosC45rYx44jPjVfDgqfakutIAokE1pnf3VsZYUHBDiebH1K4S0xMX-6vsQ0D5g2ZIi-7vy4a5JR29klfBQL02K9NtZextJGLswUfqFUPxkUIvWfwXR75RuPzwD-LMisw7tHr3IV6u8VKzBs5NIxiHWkEyRZFTmZUq3ofEzqxSlBvHpRUc6Vi1LAFdOVGfp8Wm5RrsZxHHbovZlRvrwNpct9MccEzcfz59yR4U2H-x1-NGxw_Ubi_Lv-I63W9xZOwWR70gyXTyUpa74Us8v9oXQmn_HeQepZLk28v9EwoNRDfNlmYMF4BG4o1e15f5MNwBioeoCoIPi5cxO9if8KbIuCEiYV5ILe5Ogs78tRrfq1kCMO42bYBgF1twlQYOd1P0Ixesx3cCADXqe7qyQVLMPUH8rzwO7cfi0pA1QyiKCxpgOHVYyhX-l1JtS2UYrlXO3TqfEJaMfV5Yl08ynNYl2RTISkuGzAamYG8HddCiRGeLJYmebPPYk9gH6GOIFG7MLOHu_y9XOPhZOBBKHy47qU2D-1KcO25raE0klnrli_tqzv41EByea0C162jYhyDif13nm6nGF6vxm5pLIwtZCaRyEF8lBSHYsOPRKUUhaM8uFbXIcQxtDv-RLExt6krP0hanDnuxhYY-IsUoWU6wq0QEO3kSSvLFU8gCl6Qnnj3VVF_skbxF7PJGT9DEEwgdX00FcKv7HuWZx82Z_6U8N93O8jeyq1CQivgP4E1BOWCPSrRqFphGYQzSn-KjQY7pzi-e2h_FE3TYLLCGbDtDUeBPebd40QTztMDgyoLx96Mnb6CvyMLMa0u6bvOR-vD1OQG0pfcZXqei9DOe2lw3YtYBxEINvGvcEFjrEzQXALIRQV3dzkYsmFHyU4AdzrllranDpfz06xNUBBmwZFXrMTtUD6TWfgia8FXwkHW0o1j0fuUc5t5_JNUMSax_PAYfPJ8aIlWswKgOGXM5puc0WAb62e9MR0Ji5mcx6TD7X0qy5f8ea4G-y8G9mjqU5BmSyMlq79XL_S8JD4QY-6K726VoJGUroDlakYA1l5awVLEys5jI3NsqXJId11HKDJ0AsIE5pEYDW-uqRSMAip8SzFUuszeVxcSEAkbvME2R2OZt9rHtL9i0utPPf7TjGAe6tavYxrM1B1X4XvJwnsXHRarJkw07__25ek8OkO-Cj_IjwmrBeC18TZSeZGoHARz6YQMTgY98d1AenoPMfdx2_YAuJC6disUXo4DbDfgDtZcTVujGQzZL5NrvDqH5kjvMM-70YraG-CWwk9Ex02LfwTp-Pc3B17qIa1uOiKzqNMQKXU_jhRyzoRx87SR61CTHk-E071BNtOX74NciEV3OKvxEI7aUZmoMaodU-jQ6m_lhOlt9D6L1MSUjt_VnXACoTJQYN9vXdB1kozt3d0IO5K6tSJ3ll03Egkto46P4-yjGsrEuw__Es0ler3G2wy5YyCr5O7rnyLxpTjetKIChVavn_5QYTES5D3Z9ORgzVbIyXRBdPo54clmTCK40nTXLMZlh8MBIIRX3VJGh4d3VB7fFdHZk59q6cYZv0kwqy3i7HB790t9pj_AJqLDMUYbelh7aYqZ72agNmwSprpf6ICkb8c_jR-PEpLVyAi38vjTdeNDnQsM__x1r8x7xziIPOgImXoqhh8JqiToiVZjtGI3HYr_FxhD0BgO8HjDojxBFbsDJXx_VrtGfUXZGK8DcUSJqU6oOMvk8Rt5jT278lhw4gCQBj-iBGAZb1O5l4MRYBD5r0NaZkT_UKCfGcXwkz5f-9mscdjI9bIshXkekRK2iGRPbiKCZ0l7hMooNR6Qm1bRy6Vu51WnqdkwxSLaoUl2w0Y9UzC1a4_XTCHmQcBQ9Cm4lMwvDxlQxbmEERsFuIUdMUp1fAXZv4tcmhMwoAsX-cR-kTyDkG4agM36L-siG3B8cnB7VNJ5MhtVGh9tAcsK0ecE66gn6wwR923Yx2lLfypXPAgX1QiylJv_BNiOtfhc2PQZVciA8AfYMgdRgsSJa5dEZlbL2eZrZ83qeuGXHLgfZIBQVd82rmi8Je4FNnz-1LLQSu5e9QQu09OdmWXxp2XSKoDR9bxRBw7B51stCN4b1PPkHyNM0SwR1HIqFwqUJ8_IrBJsTOsPlAxZahj3T25XjyyZuEkU2Q85kvuSztPOmL0BU7BYohrJQAZxaZrhgii0LsndmDzf9F-OI6ZgpkD2n0S7OZp31DGOQDedpdAxA_OLgjD9gvpqMDL181m2yJRX20tfem_cLf9Vc9tlBkPUOgavcguNjjRfPD3Oz4lGBPDI80RJvcREZc6JSAwwkDaHyB7FzIcm4OXIuMaL0Jo_bPJi9uySDCV3zvUlmEHozgv9TNE48Bw7_gAZ9AGbvDiOqi1QBL3f-N7VTxN7RCwVIajVbUPLXvAWqX14MV9Fs0tQ4mxScY0g-5yAcCu0euT7MPQGseCkEFDFn2nXaUmuSnxRG_GpvWdobmp74v9Xke1lNHQqb8GuARhkFMc0XOlzmHm5MaofaVnV7nS6XTezqRc8O7dYKEQyE7N-9rt7SW6A1YIWhQ5q0cQyUKB2S0yV8xz8eQhHemipj6b8OKtQY9KUL_AU6DwQfeyWRnjO9Z1tnPvj1lRwvE0d2YajbtXIj9CuOzxKofrLLS5m8ZIqzmd2U3muIUAG3lsaUwhmm6S00uLAtBbzXteneH1liNkQmQN9p5CC6KJyvQSjOYGPxgUaXQWl2Rhz3trbzhROftbEtAM8G-kEdum6p_D60vrGgFRR4GZl5e6_INOEd-QjJjzJ8gPpHqopIR5uXo9U0NLMRRgLaGrEMqpF9Tshtcou7DU2_BE6Af2k0825VOYwrIBO5iDYKKuYCGfbSRhnYQIdsDLL_JD-X76GNvJ-yMxEqza5rPHB5b_h3hYgtF8m9zS5VoTF7GUQ6UvPAkr1uup4hNubSgUey2X3v8A3bLdesZA1xS0iHQe8Ud1NqOg&cid=CAASJORoUs3tl79BzfNHQ7SFMtiZXYHOwyZAUNSmyjaAXJWsB13alQ&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:57:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:57:50 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/ Frame D961 27 KB
10 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18091a39db3bc6d68a187de5d46d8f28e49beb8d9431e9c8e5e9db7cb071dc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 14:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10561
x-xss-protection: 0
server: cafe
etag: 14610481443806215460
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 14:59:13 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B3A9
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1&google_push=AehlK4BozTjRzsnBSV8a8082ZHh1n9m61bJB_MCj-_JRUezEY1eRxdgxcyBVsMrGA0Gpo-eVLzWvP4BkT9EX0xKx4gqnEsmIORc
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI3NTUyMzQ5MTE5Njk0MjcwNw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1

43 B
398 B

91ms
47ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3A9
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGR2b2onSj-EGUKtmhqY1HE&google_cver=1&google_push=AehlK4DE--1wEYiGMNtNRcwBJFKNQLDmYSlAEVARcf5I5pFNwVCm787xLekam4x7FtkYdac8Z-4HVN30krKHlLsFKOThF1yrt6o
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C75506021E674776875B4E66779F354F&google_push=AehlK4DE--1wEYiGMNtNRcwBJFKNQLDmYSlAEVARcf5I5pFNwVCm787xLekam4x7FtkYdac8Z-4HVN30krKHlLs...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C75506021E674776875B4E66779F354F&google_push=AehlK4DE--1wEYiGMNtNRcwBJFKNQLDmYSlAEVARcf5I5pFNwVCm787xLekam4x7FtkYdac8Z-4HVN30krKHlLsFKOThF1yrt6o

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Jul 2022 15:00:43 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C75506021E674776875B4E66779F354F&google_push=AehlK4DE--1wEYiGMNtNRcwBJFKNQLDmYSlAEVARcf5I5pFNwVCm787xLekam4x7FtkYdac8Z-4HVN30krKHlLsFKOThF1yrt6o
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 20 Jul 2022 15:00:43 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame B3A9 0
191 B 182ms
52ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESECQEBcqMal_CoyDdJ2kRqsI&google_cver=1&google_push=AehlK4ARZsUtOKupjvrI0TL2e_8RwknPvUNJHy3f0bbXIJIBvzJwe-rc4kL6iF-4idevh9vjMdfExX6EhzPTdjlff-qrdKG4DA
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:42 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3A9
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEBFZ6m4QLVNyrxcW0JTYlp8&google_cver=1&google_push=AehlK4D31WIAtHtLFwATLWr_qvANof7wryVaItisY5NG91MwgSCagtf15H9Sq4lDXa6iE_kTXRA1f7AeSR-P-T...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEyMjg0MDk0OTg2MDI2ODE3Mw%3D%3D&google_push=AehlK4D31WIAtHtLFwATLWr_qvANof7wryVaItisY5NG91MwgSCagtf15H9Sq4lDXa6iE_kTXRA1f7AeSR-P-TOIo-...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEyMjg0MDk0OTg2MDI2ODE3Mw%3D%3D&google_push=AehlK4D31WIAtHtLFwATLWr_qvANof7wryVaItisY5NG91MwgSCagtf15H9Sq4lDXa6iE_kTXRA1f7AeSR-P-TOIo-7Eof7Olvk

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEyMjg0MDk0OTg2MDI2ODE3Mw%3D%3D&google_push=AehlK4D31WIAtHtLFwATLWr_qvANof7wryVaItisY5NG91MwgSCagtf15H9Sq4lDXa6iE_kTXRA1f7AeSR-P-TOIo-7Eof7Olvk
Date: Thu, 21 Jul 2022 15:00:43 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3A9
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP1UntdQ1tBLrBfaIfiZvZA&google_cver=1&google_push=AehlK4CZSdkdSIrG-0S0a2Xc7EMqdkcvq_HH7KFHm5NnMELrgEZV6bzQ9tA6pWIg_j1dBd-YI1wy4P9lPjjtym9OL36X...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CZSdkdSIrG-0S0a2Xc7EMqdkcvq_HH7KFHm5NnMELrgEZV6bzQ9tA6pWIg_j1dBd-YI1wy4P9lPjjtym9OL36X4QfmbA&google_hm=DbSRmG_0TIKLYv_5GjWaQQ==

170 B
188 B

57ms
57ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CZSdkdSIrG-0S0a2Xc7EMqdkcvq_HH7KFHm5NnMELrgEZV6bzQ9tA6pWIg_j1dBd-YI1wy4P9lPjjtym9OL36X4QfmbA&google_hm=DbSRmG_0TIKLYv_5GjWaQQ==

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CZSdkdSIrG-0S0a2Xc7EMqdkcvq_HH7KFHm5NnMELrgEZV6bzQ9tA6pWIg_j1dBd-YI1wy4P9lPjjtym9OL36X4QfmbA&google_hm=DbSRmG_0TIKLYv_5GjWaQQ==
Date: Thu, 21 Jul 2022 15:00:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3A9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMopz3dhPvtKqu_MNFSWhxk&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMopz3dhPvtKqu_MNFSWhxk&google_hm=YtlqGmNDH3nKuhWYH7btgAAABHkAAAIB&google_nid=index&google_push=AehlK4DMSXShRmVO-Nswep9qLD9ATRNEn1p6z...

170 B
188 B

49ms
48ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMopz3dhPvtKqu_MNFSWhxk&google_hm=YtlqGmNDH3nKuhWYH7btgAAABHkAAAIB&google_nid=index&google_push=AehlK4DMSXShRmVO-Nswep9qLD9ATRNEn1p6z7WwnckLWnwFpoXZeurbhi0KCXD0PqTARBHeGLP-WYR_6xSCFH1WrSlxtBkghxA

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mwRefeBIRzonoHiSw4CErQU6T5y0g%2FkD%2B8ZGLUf%2F%2FCSNq8CRtNk9Gadcmmw1SrswL%2Fx70h1NNQwqy%2BRPqnlLABGyIKX48A5%2FNpQfoRvoOj3CAl%2Bhow1a1yDuPZYs%2FfLqT9ttQ9z%2BCjzig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMopz3dhPvtKqu_MNFSWhxk&google_hm=YtlqGmNDH3nKuhWYH7btgAAABHkAAAIB&google_nid=index&google_push=AehlK4DMSXShRmVO-Nswep9qLD9ATRNEn1p6z7WwnckLWnwFpoXZeurbhi0KCXD0PqTARBHeGLP-WYR_6xSCFH1WrSlxtBkghxA
cache-control: no-cache
cf-ray: 72e4cecbcac26928-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3A9
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENZ6jylDytYj2ksboZgqhQo&google_cver=1&google_push=AehlK4ASsMJt5XM-ngkW4z3vSNeOidPcTO0yKg5ovbivXaygPmhHaQrf58OZiHXtlCusvDFQodw6716WvQCFPm9E...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4ASsMJt5XM-ngkW4z3vSNeOidPcTO0yKg5ovbivXaygPmhHaQrf58OZiHXtlCusvDFQodw6716WvQCFPm9EEZTI-MRjR14

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4ASsMJt5XM-ngkW4z3vSNeOidPcTO0yKg5ovbivXaygPmhHaQrf58OZiHXtlCusvDFQodw6716WvQCFPm9EEZTI-MRjR14

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Jul 2022 15:00:43 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4ASsMJt5XM-ngkW4z3vSNeOidPcTO0yKg5ovbivXaygPmhHaQrf58OZiHXtlCusvDFQodw6716WvQCFPm9EEZTI-MRjR14
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: VeKH9mE3_hUoJaHlMVuJA1UdaqSpSh9f6G181dnkTCjL-lTKz4e51w==

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B3A9 0
12 B 52ms
47ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LATqOAHLbZDcZKlzxTYKBfN0BM4hWfCw0igjhZYa_vnEfv7QCwWMOucxSs4nj3C6zRctsD

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E31E 12 KB
6 KB 55ms
55ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E31E 25 KB
25 KB 43ms
43ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=596&s=Y68RrOBJBgfoItKZxNi7YWKx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

0b13f84a6dde5e31b8a9e05852d609f5aa9d41b1b86c26d2d4f773b7dca0a675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29439971
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 25396
expires: Tue, 27 Jun 2023 08:46:54 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E31E 0
127 B 42ms
42ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=xAPcOwBNK8yXqon1vI75YClEpUoHuBfDOiK78fDG6f1LQ0tPEu6qbBySUcAaCfnqy6FgSp0A8S50HmCCNdO5Mn5CPS0zq6YO-ROz6sunENIMNbwcHS1KXK0kQMsilb6uNfpDz_xl5SiitNUAIuKMXAXs2_EPq5LSMFHa7t-BktYhRlwb67LOpdzXgNJAybifkBMoAsB5o92r-asUi_rT-Z1Qjwo8fS06xlBeJ7bN-bvqr7kaKt-x97zZ4yLwJX5q32BoLg&sds=2&rev=82182&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 21 Jul 2022 15:00:43 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E31E 2 KB
1 KB 45ms
44ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame E31E 2 KB
1 KB 42ms
41ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 16 Jul 2023 15:00:43 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1F9F 41 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 09:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4BAB 1 KB
749 B 38ms
37ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 13:34:31 GMT
etag: 48472445140208031
expires: Fri, 22 Jul 2022 13:34:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3D3F 41 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 09:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F449 1 KB
749 B 38ms
38ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 13:34:31 GMT
etag: 48472445140208031
expires: Fri, 22 Jul 2022 13:34:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1F9F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ae526fb2c135cd94644729ebae38fef6a336a35a42a4ea82ff5a1a02cac44fd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3D3F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee62e9f4355013718fcb58d7178d67eafd0c79022a8b1686cd39b61599f4f5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D961 41 KB
15 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 09:42:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6B48 1 KB
749 B 38ms
37ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 13:34:31 GMT
etag: 48472445140208031
expires: Fri, 22 Jul 2022 13:34:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 8983 4 KB
2 KB 117ms
41ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7e7c9a58c561d93f29fab3943724cefdd1bb12a6183e2b449a56236f8cc783b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 183344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1568
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 12:04:59 GMT
expires: Wed, 19 Jul 2023 12:04:59 GMT
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3D3F 0
64 B 186ms
88ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfLpI5pf8HKAZsgDHylgUF0V6-ez91IRaqZgqefFmWWGbb-ZE30ifwjdtw-Qc8r8GzM6Z_L6OMG2Bw6wE4TWVqiLbBJrTxv2sSJEn35Y9CXbZbKZloznl1AX4PkicRWvRVUhKIa1BhLjnMn4guEZ71NM_28qyxErrwsNCk3u5AJiLBcbzK2kyhGUyky5RpS3XPfqIYr8Z3Y13Mc1BB_jBLyafVBAonasP5DBkRwZLSOloKkDVm9NuXesgxXYjDl9ZXpsEU_Gj251K1_LqZV-KC8P3_LAp-S7GQghP6mY0FUR6IWPxu0dF3sF9KZtncP2ifuKhHEawtW2JiYjzC3pWNRgtdtSJqjdZr3yFlZxf6q6UatVEMAKLKA4AaHCNexKtUoR-k7-mIxTNEPHZufdQjoLmoV5EnyUHIsJgipzT_EiD0KH4dMogKp6OfL52dAZ12o3HGP6sl2XwL9-4THm3lgPLKqDHc-ScpFy96zFZSvBkexKs3Z2BADhgY20ldVNfiTZxfq3u7HsgGTIWwtz9RlI-4DHpC3cbC8ABOr7NMkbT9B9is_oZ6O0mI1fzh3ggNsPbeGGAr1b-EQFAVNxSqC4rbagoF4xjQg4yCRUCWC07w6FF_hZ7aGewpd4SOyiEIDS58Jq25pFS9vxcaxxGtNlfLRSKu0sVxIBpebazrxJ5HxMsvgRKdM5Olev4jwUTzXe9fmRlcvPoA6k8B-m_Mhz3Hj5xtG3bDD26cCuWuMJY7sq_csUvzcG8JtZ7C6m1H018JtJIayuVmCd3G9RTHMhW2Z5wK2S7I5lWPbkfsynvmDXhjbUzC-kY9qEid-gy6mCtT5s4OgtquL2rz9ck4BJJFcJMCnkRqagmLyWnzFgCL2ymIjgbej7P8qhfrotA4X9A2aZLhpQSdwQNqZn280yR3CYt6Ie6gyMqWDKO82AS1bpkzdfIodhFMmUHrERwtv6swHMuq99dXoL6wS0GWCE7CjnDr2VkMk5za0bbuzW5Ir4JF4Rtt1s2O8OHus7Y90gysbNDaxm6braZuKNnP_2XxOuHWUkBobWSD22Q227YCYSlgXR2LP1yjNTkKMWtR0XnYFpldR0ABdwZb1C22TqxASmJ09FvPrTF2TKyc59xJ5iVbxk2HuIgDq4QLKyZ6xZbtmg2PXjOq7eNFQNyE7HZ9sxLFmu_Gfet47D8_ueEkorAh9fTlsz2Cr4XXWDyLiP5lvfj8iIeW5cb7IrmneGGv5DAs6hI-CKKO6umv1StfqjcuLeUX&sai=AMfl-YR5EVfta1ukLtqEPyvBy7HwSgRpyiPLvRAR0qb_i390E59ReenxemJsszS1dTfQp7qPCD-DbplVDKUsnkfuoCH3t2tG2c9q9buM-VQec8NUBfIFMeaVHRQPbybJlYu-2pyLCdjqxLfVRkxQvE3iQtkxkwa91IQr5rFga_smNhcsQimCfWTKlCGvAihOk9Da4oxqseOcu9HASJgFliLCdA&sig=Cg0ArKJSzKCW8yZPKVQqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=338&cbvp=1&cstd=334&cisv=r20220719.38262&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 21 Jul 2022 15:00:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 3D3F
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033534&atb_dpuid=di_dv&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

123ms
123ms

Image
image/gif

54.156.176.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.156.176.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-176-154.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 15:00:44 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Thu, 21 Jul 2022 15:00:44 GMT
Last-Modified: Thu, 21 Jul 2022 15:00:44 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/ Frame 8406 22 KB
4 KB 108ms
46ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef27e6dc6ad2d8c5587234193ac2d472279ac11c26f13faa6e45f1886430e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:43 GMT
expires: Fri, 21 Jul 2023 15:00:43 GMT
last-modified: Wed, 30 Mar 2022 14:40:07 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D961 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 009e565894f773e93d9746e353f953bf3b62848a80ab4f91bc19d9f014a5b843

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D961 0
622 B 166ms
85ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdEtdjzeOriwcDLbEPPPcllpxktWJs1fAJ75ki8hTsLqivBcZBRoY6CJiK1i0pYE78uWd_Sacgd1Uw55WRKMO_ITekXMVd0hmTLD-ZhlRHnBFBdT2lWCenVi22hLuDjKwLSiW9FYGgXUj3IH9xb7V4gDEFHtjzRJsAmoZjG5FohiMcf983oDsRLOI1HK27wgjJ0ngAt4wR7p13uaCMcu0aUsH1cJTw7m4ipvJRy1JEO2VVhNstfRMX6Axxa37GxIuKSCOVDpuzOM6dWSQ2WfF-biX1irgsmkekyOImiBiQ836EKe95jpX6GwiMrN8iplX7ItRjTxGODmjcZhCHNXL24LzNNCaEC9ffgT7TlojE0yj7bjb98YXPUGnzlRvRkJcSXPfyRNvtaDX7CsmQ37lmw12V_Rvh86rTMzbr8DWB8Ap2PaZRF1tc-fm8-X2zGf0BTbkScipKsdaoBLkCIc3-ECR6S3ErRvvfdFdgqzAzfavW8ejGeH6WsvcmMWLmZrly33miK9LtPdAJ_zw1gOZELronZxLWeRjwUxzoDPLl5lIUAYEA2YoyJ1M9Z_RC1RHzOJlrFXjeNMTMjFrc18aIS3z1Z0x_2i2AJBtUEW6D9_h3I89yB-mjVxEXdru3Bw49Zdpt2TD6AP3MfmGuPm9hCoEOWCgFeh7K0szOopQGubH7LBiQZjXrnM3ULOx4I7ThH-wfy2_WWv0L9DI43m6MqfARZvBc-f9du_tVx1z1AnrHyq_kd1KOEKIGj7Q7YioXdr1TqBItXsPRxtZ3_0TmgkU_V4fhlxYZAfT-6WsfLbrPWzwPnAi4v-AgmfUfnK-PllHJhNIuIWz1nO-8SdOUU59I3dKDTtKTeVpFC1gt3mxXy8DPkeLmmNdQf0rEwRJx1fb0WOUg9ry8mm7Xd036fKojnDLg9i-elar4PGxS5X-nwLgYy6EFRJNWXgbLLM8gxbFm6DJwxxJZR9-6G6GdMPtI8vJlD17yL61qH3q1Fgwhy9N__DmdoWnYj9_XVF1-z7GW5kn8co0uwYqGVFUS6_JitJrFl3u-nrSDOfGK6RQfWkBOM7cix7UADqfjtvhbChhSoQV8hOkGtcryE2zDe4lKxYHl0Xa9gvqwW0gzudOAQobpG3SG23rUXSweM0ZtbNWJjfjrjo5cMhKKAB3bSoIIqxDq4OG14w4_fxPBH1B54Uyu4elCYKtbp36_cdH0xrokMdrQgtxfzfd0r1ZjxG6O_Jq3NOFtZNeDukxemBpHSfN0QnsNVA&sai=AMfl-YScpHjFFuzpkKtuW0UeouNjFk8SmhGgG70Y6iEQulFSOFcSDm4TAgFHLdP1q8_CoU0s0fFNCJYvfCt7trYTezxLqAsBIY9sIFwj-X2TyRZIy_D6c_KmPi_cWFxwK3tf-SN0z1dK8zHq5uM3rlqpacUPpisibryUS40klAwdfwf7eYvHz_UwmiyWITGMVpOZLrS_UqPQ_VdFtMr5drcQ518E6JcH_irRqio34J3NfzJuabo&sig=Cg0ArKJSzJrbFCmyRCUPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=326&cbvp=1&cstd=319&cisv=r20220719.62158&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 21 Jul 2022 15:00:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 39FC 4 KB
2 KB 38ms
37ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7e7c9a58c561d93f29fab3943724cefdd1bb12a6183e2b449a56236f8cc783b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 183344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1568
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 12:04:59 GMT
expires: Wed, 19 Jul 2023 12:04:59 GMT
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1F9F 0
64 B 105ms
88ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzWBhRIydcNaxfB1IJ39H7wmpZWR-kl5HeT45XoW3X664YTVw6NwgHNwI18H0VLFiv3bAhbImbzJrfxLeSOi9Rwt5u9NIpQeC3ptWuyvimq3qALOAZN-pPtlAJ2tKXwQLyPlF7CRzc79vxOluW0wpLVc0EnhIVzRP2q7fWdJ0zcrKRKEVM9c00x-rs4HOK4doDSjYvpUgwFO-t1PGdNpvq8IZSn0i_FowWh6jzYdIOeYIDM32bbT4W6EvbdXZF1Bfcmf26q5LPcLKIcdVWsiGZ4qC_r9-TL30nrrBnVnWKcmbbfTQ4DojXBxfM_BcMsb33YbXdL2OQUsuHl-8Sn6V7ux2XirbdO8E5AthZ9oj6sAZj5Cd_Ey_QC3n7k7lgYuzeWm1__xCnbbjMwqOSRe9PGcnoLBG5wZC5dKH0nDIyG-Swp-eRYaDdI3N4aGN6djL4wjNVqxKV7AoAoxeCPmPR1ORy3smZ8e0EBGFzFLyG_U08Siyci_huHb-v91i8z4Uznp0uwpI7kjWOarGCVpj7B9YC8_2qwBlNhlUKBjT9bCr9I2ra6xhE7iow91Yuuc6fJhu2_rZjT1sYDFFuYzEWF-FcpjIaVC7vyQO3nrmlxV5XjS2XDSKa5NjhrKBQZiBK6KeM7toTUHfLxN5aFsIznV1S_y70UC0giAavqDqwRjybvf1K_11cQwRsXfMo07JGBMyTvQ2mMdIaVvIKpdcdeKMVSO7x3kb10_3uytuKggG0qGmLPpuAQfTcTHL-5bOJzRZ93CMw-Wr7yG6fn2aZwY0g8mf62lYct4BJ2pihpAVUai_e747fku4wJ6tc1Ev9YQUfAFZ5_k-21rQ5ciLOmJeZDTH1R-QhgyByDAxvHoSOkE43tlntoG0YjUPFbvRuB3xYsopqaO9RJ2bpiBNq_SBkt045-Bw-TSZrsZmbGO5ecRFgqlCmj0765x9YKrJl2jqzBxA0k1Z-ivMIO5PI0Y9cVSuxmqFKX1vNZd-wN3KisXXJb7w4bFqI6OIHzsOdAHFu8cnI1Z5gLnYyOvFo8Id9qroz-tENU6pckedT6PoRP8Xgc6rB4xAJ82X1nRkX7EmddNo3YcVyQM_fmZYnoRmn_M2e6Eb6ADbDGo0qoIkzA3sadRQXi-wj8jHQa5d1xKIna5bfdm_E6XHKe59yQ8UR7NQj4IXKyJShvE5W61rTT2ZhDCDfswnZ8OckD2fXhejEX20FUzJMRXWwY0v2X8z7I1KCPvEWv5fNnbwDZffWBp0&sai=AMfl-YRIwJSfybku1anUjeBKiRZno_rt4FN0ISWBpnjtG70EIhwG4R9J1-rX8NItOnCC7rD2QMZiUqN59cTR2t4EjZHjbrrFn28zlKhkLaz2Gws1pnqlEV4IqNalDB-DSZ9DYUauoUB93n0IFuPyxBtMyYWLM4JJjWeK9CrhlPnHcbir8A0OZouq_tiIranTWG_PcO7tF1_FtGs6NwLjVQQxMA&sig=Cg0ArKJSzF2piGEBihxrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=430&cbvp=1&cstd=429&cisv=r20220719.15304&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 21 Jul 2022 15:00:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 1F9F
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine_dv_pros_330033534&atb_dpuid=di_dv&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

125ms
124ms

Image
image/gif

54.156.176.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.156.176.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-176-154.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 15:00:44 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Thu, 21 Jul 2022 15:00:44 GMT
Last-Modified: Thu, 21 Jul 2022 15:00:44 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0C92 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 04:11:23 GMT
expires: Fri, 21 Jul 2023 04:11:23 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F30A 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 04:11:23 GMT
expires: Fri, 21 Jul 2023 04:11:23 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET /
google2waycm.netmng.com/cm/ Frame 4BAB 0
0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4BAB
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1&google_push=AehlK4Be9f6lRkDeVaPMGzJbgh4aK2LQfd12fZS1N_fJ-KnCnl28VQUDc0qhLsniijK3r8PONRZrO0DuhNFZ1hvz8Vm3VlZC_gU
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI3NTUyMzQ5MTE5Njk0MjcwNw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1

43 B
398 B

45ms
45ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4BAB
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFDXdNfwgssCJzHYnVcpl0k&google_push=AehlK4ARkZ6g1_SxVsVXZWbrzEvUBowgqXRzDvsy9gndO6cYV2IQpQST11...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFDXdNfwgssCJzHYnVcpl0k&google_push=AehlK4ARkZ6g1_SxVsVXZWbrzEvUBowgqXRzDvsy9gndO6cYV2IQpQST11noH_8947Ugdu5cJgICzxHVRZgOUXKAw0c0GKjooQ

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1658415644.983988,VS0,VE92
x-served-by: cache-hhn4077-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFDXdNfwgssCJzHYnVcpl0k&google_push=AehlK4ARkZ6g1_SxVsVXZWbrzEvUBowgqXRzDvsy9gndO6cYV2IQpQST11noH_8947Ugdu5cJgICzxHVRZgOUXKAw0c0GKjooQ
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4BAB 0
191 B 59ms
56ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESECQEBcqMal_CoyDdJ2kRqsI&google_cver=1&google_push=AehlK4AS2rsYfcwI9YXav5dFBA_m68UUqbC0qkbalWZwi9T4YD8Gby118iw-a6d0hOPa2ry4gvnxkUyj4Q1JGmaAdx89Zi2bvmw
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 4BAB 43 B
65 B 47ms
45ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEMQyDtfaOBxqHqw_qED8ADo&google_cver=1&google_push=AehlK4AONS7tiAFxllKG__QktUFHKSAfnrbYNon0s99oPg95w_HXABoRWSQEE2BtafllWTahYOQduhQ1La_Dl9AuoZqYIABwMF0

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Jul 2022 15:00:43 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4BAB
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMxdfogvoxY0dRyjfrxRscc&google_cver=1&google_push=AehlK4CuaaL3IuUyIt72pu5_73H2ZI_zltOlf69HO-QvR2k_-mZjSSPxmoxzdgKLP_LQg1qCAQ...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1fWjNpQzB0RTJ1SEJLVkl3NFFfX1VrSGtMY2pjcUd1b35B&google_push=AehlK4CuaaL3IuUyIt72pu5_73H2ZI_zltOlf69HO-QvR2k_-mZjSSPxm...

170 B
188 B

48ms
47ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1fWjNpQzB0RTJ1SEJLVkl3NFFfX1VrSGtMY2pjcUd1b35B&google_push=AehlK4CuaaL3IuUyIt72pu5_73H2ZI_zltOlf69HO-QvR2k_-mZjSSPxmoxzdgKLP_LQg1qCAQH0u-H1Pvn3f6Zv9I9VNoyiRek

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1fWjNpQzB0RTJ1SEJLVkl3NFFfX1VrSGtMY2pjcUd1b35B&google_push=AehlK4CuaaL3IuUyIt72pu5_73H2ZI_zltOlf69HO-QvR2k_-mZjSSPxmoxzdgKLP_LQg1qCAQH0u-H1Pvn3f6Zv9I9VNoyiRek
date: Thu, 21 Jul 2022 15:00:43 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 4BAB 43 B
65 B 48ms
46ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESENXtPXh-nU46hOznfqR-5s8&google_cver=1&google_push=AehlK4Dl1rWo4pP1G4qkWJYb0qoKIqSIpV22BlGlK2NwUvW71Bk0B-rOPbeeq1QPY_OrBYF_bPaa3M7UBq4n7MTO9hPS4YOwE-E

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Jul 2022 15:00:43 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4BAB 0
12 B 50ms
48ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LseioIGilQriqs9j-tEu-ZoJad5pZp35VTt3uFtUUgC1dsDPV9eYvYR2toXf0xclm5EuT_US4

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3277 22 KB
8 KB 37ms
37ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 04:11:23 GMT
expires: Fri, 21 Jul 2023 04:11:23 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F449
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1&google_push=AehlK4BPprXQ7QD6TFK0hlifr2n573Fje43jjtmvcXN_1dL756dqfEiypPuxcdB9lrpPYH_7ntql1o1H2FUzMb9NwQt9VsfkUasurA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI3NTUyMzQ5MTE5Njk0MjcwNw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1

43 B
398 B

45ms
45ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIndeHAqUB-nq52qF_oWNFM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame F449 35 B
464 B 564ms
188ms Image
image/gif 2600:1f1c:a99:832c:2412:5a3c:977a:e751
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKvEXfUSo2KZmZcorQB9YI4&google_cver=1&google_push=AehlK4CsfQ7HbT9pNwafwi7oNGUR3fc1Uz1BHz2rtzsIV8dylfM7mtdnVzrnpMnOdx8pfsxloAdCtuXIherVFLYm27ZIY41B4HnGOg

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f1c:a99:832c:2412:5a3c:977a:e751 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F449
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGxTiiguw_AhH7PaAxzq7yE&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YnNDclhwbVMxT2V4Rm81&google_gid=CAESEGxTiiguw_AhH7PaAxzq7yE&google_cver=1&google_push=AehlK4CrLhbWRHCDLANNOh0FAZfAzyK1GGotW_Klw20lLH-...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YnNDclhwbVMxT2V4Rm81&google_gid=CAESEGxTiiguw_AhH7PaAxzq7yE&google_cver=1&google_push=AehlK4CrLhbWRHCDLANNOh0FAZfAzyK1GGotW_Klw20lLH-qUPNP30QTqKiUUrNToeXjGDI8eniGKP0oJzFpLU6qIQDa7SFpfdOzpw

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:43 GMT
Server: PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0aa046f85b99a54d2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YnNDclhwbVMxT2V4Rm81&google_gid=CAESEGxTiiguw_AhH7PaAxzq7yE&google_cver=1&google_push=AehlK4CrLhbWRHCDLANNOh0FAZfAzyK1GGotW_Klw20lLH-qUPNP30QTqKiUUrNToeXjGDI8eniGKP0oJzFpLU6qIQDa7SFpfdOzpw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F449
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKjhiKDUiW-hehSrnvkO1Qg&google_cver=1&google_push=AehlK4DsuOUed_yUZOmg5bySy0SEpIH4KOo2ERTjnZ5SOSGsa2oNv_ZWxNCXuUcpVDTEwWDKbqSxR8cF-cp6E4CN...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DsuOUed_yUZOmg5bySy0SEpIH4KOo2ERTjnZ5SOSGsa2oNv_ZWxNCXuUcpVDTEwWDKbqSxR8cF-cp6E4CNd5YAR6FHMrf_

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DsuOUed_yUZOmg5bySy0SEpIH4KOo2ERTjnZ5SOSGsa2oNv_ZWxNCXuUcpVDTEwWDKbqSxR8cF-cp6E4CNd5YAR6FHMrf_

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 21 Jul 2022 15:00:44 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x12 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DsuOUed_yUZOmg5bySy0SEpIH4KOo2ERTjnZ5SOSGsa2oNv_ZWxNCXuUcpVDTEwWDKbqSxR8cF-cp6E4CNd5YAR6FHMrf_
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 21 Jul 2022 15:00:43 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F449
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKYVVy1uUSrKNHKW5ClxLaw&google_cver=1&google_push=AehlK4Dj9DRnQDbSoPyeM5LkkkIxeoLusIm_UXs02mEbvNGrTQxHisXVCRA_7402Mdx2JHRYmsc1SIhVdgBszw...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AehlK4Dj9DRnQDbSoPyeM5LkkkIxeoLusIm_UXs02mEbvNGrTQxHisXVCRA_7402Mdx2JHRYmsc1SIhVdgBszwqpDtVmzuMEc9gdlg&google_hm=hmLZahujVNKVbSS...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AehlK4Dj9DRnQDbSoPyeM5LkkkIxeoLusIm_UXs02mEbvNGrTQxHisXVCRA_7402Mdx2JHRYmsc1SIhVdgBszwqpDtVmzuMEc9gdlg&google_hm=hmLZahujVNKVbSSm2A&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D62D96A1BA354D2956D24A6D8BLIS

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AehlK4Dj9DRnQDbSoPyeM5LkkkIxeoLusIm_UXs02mEbvNGrTQxHisXVCRA_7402Mdx2JHRYmsc1SIhVdgBszwqpDtVmzuMEc9gdlg&google_hm=hmLZahujVNKVbSSm2A&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D62D96A1BA354D2956D24A6D8BLIS
date: Thu, 21 Jul 2022 15:00:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F449
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL6uzN8MtItH5d-4BDUJlpc&google_cver=1&google_push=AehlK4B2NOFeCZVR--aIYeoAFri4TN8_Bx-6rWgHdKGuy952WSpltf5fG7oBk-q2OZi5o2dVu_J...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVWNVVSNTEtUS1FWTdH&google_push=AehlK4B2NOFeCZVR--aIYeoAFri4TN8_Bx-6rWgHdKGuy952WSpltf5fG7oBk-q2OZi5o2dVu_J1bQvvwzdL0isVwHT4l6nRPnqi

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVWNVVSNTEtUS1FWTdH&google_push=AehlK4B2NOFeCZVR--aIYeoAFri4TN8_Bx-6rWgHdKGuy952WSpltf5fG7oBk-q2OZi5o2dVu_J1bQvvwzdL0isVwHT4l6nRPnqi

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVWNVVSNTEtUS1FWTdH&google_push=AehlK4B2NOFeCZVR--aIYeoAFri4TN8_Bx-6rWgHdKGuy952WSpltf5fG7oBk-q2OZi5o2dVu_J1bQvvwzdL0isVwHT4l6nRPnqi
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame F449 0
75 B 217ms
59ms Image
text/plain 185.86.137.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELo2SXwtnB9aNnXfGQdNksA&google_cver=1&google_push=AehlK4CCVe3GXfvGcKldKGyh5GiPxgcy42nlnGDRTwelQwvDWPp_C5iNuEQDs4izpOjbGljdxq_saY9j_lDU3_i5NyobIQ69eBOC
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F449 0
12 B 46ms
45ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KGEjWGYQyQ3qyUz48Ta0RR-IWlGYIvrpVcgqbzkcwgsYQkKvL53gho_HwIAnh6NXsbU4OO

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6B48 70 B
264 B 57ms
55ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAaSTpOoaw18qGSRwFwJggc&google_cver=1&google_push=AehlK4DSk8YIVvPdUFCdp7s9dPPnTzqJxSTeWJxKv_TL6JiTCZXMJ2cMGIQj-z-iaxGQtVYWVdTnuSLLVlVZU4aMj66wEScHn_WLDw
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6B48 0
191 B 55ms
53ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESECQEBcqMal_CoyDdJ2kRqsI&google_cver=1&google_push=AehlK4ChedS-R0idC3fRe4sk6aXhUyuRgKmQ-a6QMg3UUHmwuTf7phousaACClzFF5ZwYdQjhBu-gkmzEJNp6Bb9C97cm4OkocsOog
Requested by: Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B48
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDWnjKJOMO2R09ncXBBz7TE&google_cver=1&google_push=AehlK4AlAp0QOr6M1liaCkUWESJ0LDmZcdY_b8565ccIGvFd55TJUMmP76oQCHlilPxIHagrrCJXQNqz3HrtRYaIrC8Zpc0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AlAp0QOr6M1liaCkUWESJ0LDmZcdY_b8565ccIGvFd55TJUMmP76oQCHlilPxIHagrrCJXQNqz3HrtRYaIrC8Zpc0-uoO5_A&google_hm=Nzk5Nzg0OTgwNzA3Nzg0...

170 B
188 B

47ms
46ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AlAp0QOr6M1liaCkUWESJ0LDmZcdY_b8565ccIGvFd55TJUMmP76oQCHlilPxIHagrrCJXQNqz3HrtRYaIrC8Zpc0-uoO5_A&google_hm=Nzk5Nzg0OTgwNzA3Nzg0NTgzMQ%3D%3D

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Jul 2022 15:00:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AlAp0QOr6M1liaCkUWESJ0LDmZcdY_b8565ccIGvFd55TJUMmP76oQCHlilPxIHagrrCJXQNqz3HrtRYaIrC8Zpc0-uoO5_A&google_hm=Nzk5Nzg0OTgwNzA3Nzg0NTgzMQ%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 6B48 43 B
65 B 48ms
46ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEMQyDtfaOBxqHqw_qED8ADo&google_cver=1&google_push=AehlK4Dl7PlrJjAwusjFI-gXbRmFYW0WPKJLgqPIX9MSFPwVfu-UPh8ItMMqXntklJkrZMxgEh4PzxOG8wo_9ZrLRV52UHaRYP-7

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Jul 2022 15:00:43 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B48
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL6uzN8MtItH5d-4BDUJlpc&google_cver=1&google_push=AehlK4A5SfFPKw1SEFU-zMmBPy9q6-8SESlew-3lTsQ4vGIlF9jDvMJe9V60yum64_cz-sweC-D...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVWNVVSNTEtUS1FWTdH&google_push=AehlK4A5SfFPKw1SEFU-zMmBPy9q6-8SESlew-3lTsQ4vGIlF9jDvMJe9V60yum64_cz-sweC-DJq75py_21U953dLe_H8_x2KctiQ

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVWNVVSNTEtUS1FWTdH&google_push=AehlK4A5SfFPKw1SEFU-zMmBPy9q6-8SESlew-3lTsQ4vGIlF9jDvMJe9V60yum64_cz-sweC-DJq75py_21U953dLe_H8_x2KctiQ

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVWNVVSNTEtUS1FWTdH&google_push=AehlK4A5SfFPKw1SEFU-zMmBPy9q6-8SESlew-3lTsQ4vGIlF9jDvMJe9V60yum64_cz-sweC-DJq75py_21U953dLe_H8_x2KctiQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B48
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEG_IeqK0FVn_vYVMjVclmPU&google_cver=1&google_push=AehlK4CMgNSWel0Fk1L21cZNnO9HlrA3-1g11-9TcIq-lq8gnhwxkOC-f3dLx0ck0AgErsRjlqdJO6afk0YxpGH28...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEG_IeqK0FVn_vYVMjVclmPU&google_cver=1&google_push=AehlK4CMgNSWel0Fk1L21cZNnO9HlrA3-1g11-9TcIq-lq8gnhwxkOC-f3dLx0ck0AgErsRjlqdJO6afk0YxpGH28...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4CMgNSWel0Fk1L21cZNnO9HlrA3-1g11-9TcIq-lq8gnhwxkOC-f3dLx0ck0AgErsRjlqdJO6afk0YxpGH28j9nZ89oRBSDnQ&google_hm=FA2EpGZH3H9sMPAtRY6O...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4CMgNSWel0Fk1L21cZNnO9HlrA3-1g11-9TcIq-lq8gnhwxkOC-f3dLx0ck0AgErsRjlqdJO6afk0YxpGH28j9nZ89oRBSDnQ&google_hm=FA2EpGZH3H9sMPAtRY6OPI-v

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 21 Jul 2022 15:00:44 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4CMgNSWel0Fk1L21cZNnO9HlrA3-1g11-9TcIq-lq8gnhwxkOC-f3dLx0ck0AgErsRjlqdJO6afk0YxpGH28j9nZ89oRBSDnQ&google_hm=FA2EpGZH3H9sMPAtRY6OPI-v
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6B48
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESENWrCpmm5gdsh_VOhJUGRCA&google_cver=1&google_push=AehlK4CpSI4zln70onXKcF7Z3o1YmbAlV3LBM7qlKctt-GGyBSI7HDxcHYjqowoPKQU3gfIlAc-wXT1FZbaw...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CpSI4zln70onXKcF7Z3o1YmbAlV3LBM7qlKctt-GGyBSI7HDxcHYjqowoPKQU3gfIlAc-wXT1FZbawhfaRDtboPl6iqzqU

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CpSI4zln70onXKcF7Z3o1YmbAlV3LBM7qlKctt-GGyBSI7HDxcHYjqowoPKQU3gfIlAc-wXT1FZbawhfaRDtboPl6iqzqU

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4CpSI4zln70onXKcF7Z3o1YmbAlV3LBM7qlKctt-GGyBSI7HDxcHYjqowoPKQU3gfIlAc-wXT1FZbawhfaRDtboPl6iqzqU
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6B48 0
12 B 46ms
45ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JLVYLobOo7R62f60vdHwpJq0vsyTU97Yrp0V3enDBKFKG8ZOcqVXbORNBUNwsYHHgEAOKF

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1B62 42 B
64 B 147ms
71ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvtNekRHvURMG818tz72XsMFvEXnG_caJUB_uhSt2DUGdlmI5XLyZ6Wp7oLmHzaOrTNVjUrbe5S-aiDAl7hUelQh8&sig=Cg0ArKJSzHZ5WnZliLRJEAE&cid=CAASF-RoLPgCsJOMioN5KpN1b_NKZs-LQpEO&id=lidar2&mcvt=1028&p=20,315,270,1285&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=885339185&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658415642432&rpt=383&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 8983 1 KB
520 B 38ms
37ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93dd9bdfb4786776e0be67aeb0f1bd07f2c8164d05c859888ea58aa5130afb2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 12:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 491
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jul 2023 12:04:59 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8983 109 KB
37 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Jul 2022 15:00:43 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 8983 8 KB
2 KB 39ms
38ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 12:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2182
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jul 2023 12:04:59 GMT

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 39FC 1 KB
520 B 38ms
37ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93dd9bdfb4786776e0be67aeb0f1bd07f2c8164d05c859888ea58aa5130afb2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 12:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 491
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jul 2023 12:04:59 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 39FC 109 KB
37 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Jul 2022 15:00:43 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 39FC 8 KB
2 KB 40ms
38ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 12:04:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2182
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Jul 2023 12:04:59 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/ Frame 8406 5 KB
2 KB 38ms
37ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ac0a8d8faf26b8a5ab31b9a5dcb8778adb98efcea5b4d2e38197e0a06e765c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 14:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519146
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1887
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 14:40:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 14:48:17 GMT

GET
H3 200 fonts.css
s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/ Frame 8406 758 B
228 B 41ms
39ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/fonts.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74fc77beb52c036c555c6368a019bdedccadd8333cb0090eabd12fa64adfe027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 14:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519146
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 14:40:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 14:48:17 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/ Frame 8406 6 KB
1 KB 44ms
42ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0001c7c9d2b4f9ac30f21a7f259a8f453fce318d126f5e78c52c83bb63ef35e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 14:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519146
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1164
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 14:40:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 14:48:17 GMT

GET
H3 200 Enabler_01_248.js Show response
s0.2mdn.net/879366/ Frame 8406 118 KB
40 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:21:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20368
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41094
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Jul 2022 09:21:15 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8406 57 KB
23 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Jul 2022 15:00:43 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/ Frame 8406 25 KB
10 KB 75ms
73ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df1aadd8cebab62de6f2d3479ccd137beaf17ed4c64b69ed7306d3bff582d76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 14:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519146
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10717
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 14:40:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 14:48:17 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/ Frame 8406 8 KB
1 KB 82ms
80ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dd8e0ccd88583912f4ae8dcd0c8f038159be15f7b7aff9cd6c1e84bd4496182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 14:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519146
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1500
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 14:40:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 14:48:17 GMT

GET
H3 200 ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C92 35 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0028ba0d2a8fd6659914609953bfb4825a1ce60a4e17d90e1e3b9b5fbec3fc75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13853
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 10:29:09 GMT

GET
H3 200 ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js Show response
pagead2.googlesyndication.com/bg/ Frame F30A 35 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0028ba0d2a8fd6659914609953bfb4825a1ce60a4e17d90e1e3b9b5fbec3fc75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13853
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 10:29:09 GMT

GET
H3 200 ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3277 35 KB
14 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0028ba0d2a8fd6659914609953bfb4825a1ce60a4e17d90e1e3b9b5fbec3fc75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13853
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 10:29:09 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 8983 30 KB
30 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/bg1.jpg

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6317cb9eae37b490a553e682b2d8fac09e3866a149c0acb3b90b26d2b1a908ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 01:54:01 GMT
x-content-type-options: nosniff
age: 565603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31197
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 01:54:01 GMT

GET
H3 200 b1.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 8983 454 B
481 B 47ms
45ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/b1.png

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b5db3bb38bd76da9e83a688bdcc8001ea36d2d9721b598c01e8e1c3a5325e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 09:51:45 GMT
x-content-type-options: nosniff
age: 536939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 454
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 09:51:45 GMT

GET
H3 200 h1.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 8983 13 KB
13 KB 44ms
41ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h1.png

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00215534b8bfbee85755fa9aa4a9b6991284de6c25528d09fa2bb7298a2b0519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:10:47 GMT
x-content-type-options: nosniff
age: 229797
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13570
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Jul 2023 23:10:47 GMT

GET
H3 200 h2.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 8983 11 KB
11 KB 42ms
40ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h2.png

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1bdf6f2f0ae6db22067d27ff6560f2720ea2cddcbe953d4e317d2e7e8b17328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 01:39:42 GMT
x-content-type-options: nosniff
age: 566462
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11140
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 01:39:42 GMT

GET
H3 200 h3.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 8983 2 KB
2 KB 45ms
44ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h3.png

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d257e529cf82beeb2dce7c62b7f7deb6747384677d1f4b5ff6e7c7936278e717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 09:51:45 GMT
x-content-type-options: nosniff
age: 536939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2211
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 09:51:45 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 8983 1 KB
2 KB 45ms
43ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/cta.png

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33ac7c2a73fd64b2ea828e6a46e26d79a25439d11db5cf50b532af5697ff85d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 09:51:45 GMT
x-content-type-options: nosniff
age: 536939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1527
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 09:51:45 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 8983 1 KB
1 KB 41ms
39ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/logo.png

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c6676f4aae666c5dd775495b931dbcee43f6c3b09f2fb7cf07b108a445d4a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 09:51:45 GMT
x-content-type-options: nosniff
age: 536939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1159
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 09:51:45 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3D3F 0
26 B 152ms
76ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfLpI5pf8HKAZsgDHylgUF0V6-ez91IRaqZgqefFmWWGbb-ZE30ifwjdtw-Qc8r8GzM6Z_L6OMG2Bw6wE4TWVqiLbBJrTxv2sSJEn35Y9CXbZbKZloznl1AX4PkicRWvRVUhKIa1BhLjnMn4guEZ71NM_28qyxErrwsNCk3u5AJiLBcbzK2kyhGUyky5RpS3XPfqIYr8Z3Y13Mc1BB_jBLyafVBAonasP5DBkRwZLSOloKkDVm9NuXesgxXYjDl9ZXpsEU_Gj251K1_LqZV-KC8P3_LAp-S7GQghP6mY0FUR6IWPxu0dF3sF9KZtncP2ifuKhHEawtW2JiYjzC3pWNRgtdtSJqjdZr3yFlZxf6q6UatVEMAKLKA4AaHCNexKtUoR-k7-mIxTNEPHZufdQjoLmoV5EnyUHIsJgipzT_EiD0KH4dMogKp6OfL52dAZ12o3HGP6sl2XwL9-4THm3lgPLKqDHc-ScpFy96zFZSvBkexKs3Z2BADhgY20ldVNfiTZxfq3u7HsgGTIWwtz9RlI-4DHpC3cbC8ABOr7NMkbT9B9is_oZ6O0mI1fzh3ggNsPbeGGAr1b-EQFAVNxSqC4rbagoF4xjQg4yCRUCWC07w6FF_hZ7aGewpd4SOyiEIDS58Jq25pFS9vxcaxxGtNlfLRSKu0sVxIBpebazrxJ5HxMsvgRKdM5Olev4jwUTzXe9fmRlcvPoA6k8B-m_Mhz3Hj5xtG3bDD26cCuWuMJY7sq_csUvzcG8JtZ7C6m1H018JtJIayuVmCd3G9RTHMhW2Z5wK2S7I5lWPbkfsynvmDXhjbUzC-kY9qEid-gy6mCtT5s4OgtquL2rz9ck4BJJFcJMCnkRqagmLyWnzFgCL2ymIjgbej7P8qhfrotA4X9A2aZLhpQSdwQNqZn280yR3CYt6Ie6gyMqWDKO82AS1bpkzdfIodhFMmUHrERwtv6swHMuq99dXoL6wS0GWCE7CjnDr2VkMk5za0bbuzW5Ir4JF4Rtt1s2O8OHus7Y90gysbNDaxm6braZuKNnP_2XxOuHWUkBobWSD22Q227YCYSlgXR2LP1yjNTkKMWtR0XnYFpldR0ABdwZb1C22TqxASmJ09FvPrTF2TKyc59xJ5iVbxk2HuIgDq4QLKyZ6xZbtmg2PXjOq7eNFQNyE7HZ9sxLFmu_Gfet47D8_ueEkorAh9fTlsz2Cr4XXWDyLiP5lvfj8iIeW5cb7IrmneGGv5DAs6hI-CKKO6umv1StfqjcuLeUX&sai=AMfl-YR5EVfta1ukLtqEPyvBy7HwSgRpyiPLvRAR0qb_i390E59ReenxemJsszS1dTfQp7qPCD-DbplVDKUsnkfuoCH3t2tG2c9q9buM-VQec8NUBfIFMeaVHRQPbybJlYu-2pyLCdjqxLfVRkxQvE3iQtkxkwa91IQr5rFga_smNhcsQimCfWTKlCGvAihOk9Da4oxqseOcu9HASJgFliLCdA&sig=Cg0ArKJSzKCW8yZPKVQqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=737&vt=11&dtpt=399&dett=3&cstd=334&cisv=r20220719.38262&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:00:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 39FC 30 KB
30 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/bg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6317cb9eae37b490a553e682b2d8fac09e3866a149c0acb3b90b26d2b1a908ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 01:54:01 GMT
x-content-type-options: nosniff
age: 565603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31197
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 01:54:01 GMT

GET
H3 200 b1.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 39FC 454 B
481 B 41ms
40ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/b1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b5db3bb38bd76da9e83a688bdcc8001ea36d2d9721b598c01e8e1c3a5325e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 09:51:45 GMT
x-content-type-options: nosniff
age: 536939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 454
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 09:51:45 GMT

GET
H3 200 h1.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 39FC 13 KB
13 KB 42ms
41ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00215534b8bfbee85755fa9aa4a9b6991284de6c25528d09fa2bb7298a2b0519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:10:47 GMT
x-content-type-options: nosniff
age: 229797
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13570
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Jul 2023 23:10:47 GMT

GET
H3 200 h2.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 39FC 11 KB
11 KB 43ms
42ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1bdf6f2f0ae6db22067d27ff6560f2720ea2cddcbe953d4e317d2e7e8b17328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 01:39:42 GMT
x-content-type-options: nosniff
age: 566462
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11140
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 01:39:42 GMT

GET
H3 200 h3.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 39FC 2 KB
2 KB 45ms
43ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d257e529cf82beeb2dce7c62b7f7deb6747384677d1f4b5ff6e7c7936278e717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 09:51:45 GMT
x-content-type-options: nosniff
age: 536939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2211
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 09:51:45 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 39FC 1 KB
2 KB 46ms
45ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33ac7c2a73fd64b2ea828e6a46e26d79a25439d11db5cf50b532af5697ff85d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 09:51:45 GMT
x-content-type-options: nosniff
age: 536939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1527
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 09:51:45 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame 39FC 1 KB
1 KB 46ms
45ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c6676f4aae666c5dd775495b931dbcee43f6c3b09f2fb7cf07b108a445d4a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 09:51:45 GMT
x-content-type-options: nosniff
age: 536939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1159
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 09:51:45 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1F9F 0
26 B 144ms
75ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzWBhRIydcNaxfB1IJ39H7wmpZWR-kl5HeT45XoW3X664YTVw6NwgHNwI18H0VLFiv3bAhbImbzJrfxLeSOi9Rwt5u9NIpQeC3ptWuyvimq3qALOAZN-pPtlAJ2tKXwQLyPlF7CRzc79vxOluW0wpLVc0EnhIVzRP2q7fWdJ0zcrKRKEVM9c00x-rs4HOK4doDSjYvpUgwFO-t1PGdNpvq8IZSn0i_FowWh6jzYdIOeYIDM32bbT4W6EvbdXZF1Bfcmf26q5LPcLKIcdVWsiGZ4qC_r9-TL30nrrBnVnWKcmbbfTQ4DojXBxfM_BcMsb33YbXdL2OQUsuHl-8Sn6V7ux2XirbdO8E5AthZ9oj6sAZj5Cd_Ey_QC3n7k7lgYuzeWm1__xCnbbjMwqOSRe9PGcnoLBG5wZC5dKH0nDIyG-Swp-eRYaDdI3N4aGN6djL4wjNVqxKV7AoAoxeCPmPR1ORy3smZ8e0EBGFzFLyG_U08Siyci_huHb-v91i8z4Uznp0uwpI7kjWOarGCVpj7B9YC8_2qwBlNhlUKBjT9bCr9I2ra6xhE7iow91Yuuc6fJhu2_rZjT1sYDFFuYzEWF-FcpjIaVC7vyQO3nrmlxV5XjS2XDSKa5NjhrKBQZiBK6KeM7toTUHfLxN5aFsIznV1S_y70UC0giAavqDqwRjybvf1K_11cQwRsXfMo07JGBMyTvQ2mMdIaVvIKpdcdeKMVSO7x3kb10_3uytuKggG0qGmLPpuAQfTcTHL-5bOJzRZ93CMw-Wr7yG6fn2aZwY0g8mf62lYct4BJ2pihpAVUai_e747fku4wJ6tc1Ev9YQUfAFZ5_k-21rQ5ciLOmJeZDTH1R-QhgyByDAxvHoSOkE43tlntoG0YjUPFbvRuB3xYsopqaO9RJ2bpiBNq_SBkt045-Bw-TSZrsZmbGO5ecRFgqlCmj0765x9YKrJl2jqzBxA0k1Z-ivMIO5PI0Y9cVSuxmqFKX1vNZd-wN3KisXXJb7w4bFqI6OIHzsOdAHFu8cnI1Z5gLnYyOvFo8Id9qroz-tENU6pckedT6PoRP8Xgc6rB4xAJ82X1nRkX7EmddNo3YcVyQM_fmZYnoRmn_M2e6Eb6ADbDGo0qoIkzA3sadRQXi-wj8jHQa5d1xKIna5bfdm_E6XHKe59yQ8UR7NQj4IXKyJShvE5W61rTT2ZhDCDfswnZ8OckD2fXhejEX20FUzJMRXWwY0v2X8z7I1KCPvEWv5fNnbwDZffWBp0&sai=AMfl-YRIwJSfybku1anUjeBKiRZno_rt4FN0ISWBpnjtG70EIhwG4R9J1-rX8NItOnCC7rD2QMZiUqN59cTR2t4EjZHjbrrFn28zlKhkLaz2Gws1pnqlEV4IqNalDB-DSZ9DYUauoUB93n0IFuPyxBtMyYWLM4JJjWeK9CrhlPnHcbir8A0OZouq_tiIranTWG_PcO7tF1_FtGs6NwLjVQQxMA&sig=Cg0ArKJSzF2piGEBihxrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=757&vt=11&dtpt=327&dett=3&cstd=429&cisv=r20220719.15304&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:00:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D961 0
26 B 113ms
75ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdEtdjzeOriwcDLbEPPPcllpxktWJs1fAJ75ki8hTsLqivBcZBRoY6CJiK1i0pYE78uWd_Sacgd1Uw55WRKMO_ITekXMVd0hmTLD-ZhlRHnBFBdT2lWCenVi22hLuDjKwLSiW9FYGgXUj3IH9xb7V4gDEFHtjzRJsAmoZjG5FohiMcf983oDsRLOI1HK27wgjJ0ngAt4wR7p13uaCMcu0aUsH1cJTw7m4ipvJRy1JEO2VVhNstfRMX6Axxa37GxIuKSCOVDpuzOM6dWSQ2WfF-biX1irgsmkekyOImiBiQ836EKe95jpX6GwiMrN8iplX7ItRjTxGODmjcZhCHNXL24LzNNCaEC9ffgT7TlojE0yj7bjb98YXPUGnzlRvRkJcSXPfyRNvtaDX7CsmQ37lmw12V_Rvh86rTMzbr8DWB8Ap2PaZRF1tc-fm8-X2zGf0BTbkScipKsdaoBLkCIc3-ECR6S3ErRvvfdFdgqzAzfavW8ejGeH6WsvcmMWLmZrly33miK9LtPdAJ_zw1gOZELronZxLWeRjwUxzoDPLl5lIUAYEA2YoyJ1M9Z_RC1RHzOJlrFXjeNMTMjFrc18aIS3z1Z0x_2i2AJBtUEW6D9_h3I89yB-mjVxEXdru3Bw49Zdpt2TD6AP3MfmGuPm9hCoEOWCgFeh7K0szOopQGubH7LBiQZjXrnM3ULOx4I7ThH-wfy2_WWv0L9DI43m6MqfARZvBc-f9du_tVx1z1AnrHyq_kd1KOEKIGj7Q7YioXdr1TqBItXsPRxtZ3_0TmgkU_V4fhlxYZAfT-6WsfLbrPWzwPnAi4v-AgmfUfnK-PllHJhNIuIWz1nO-8SdOUU59I3dKDTtKTeVpFC1gt3mxXy8DPkeLmmNdQf0rEwRJx1fb0WOUg9ry8mm7Xd036fKojnDLg9i-elar4PGxS5X-nwLgYy6EFRJNWXgbLLM8gxbFm6DJwxxJZR9-6G6GdMPtI8vJlD17yL61qH3q1Fgwhy9N__DmdoWnYj9_XVF1-z7GW5kn8co0uwYqGVFUS6_JitJrFl3u-nrSDOfGK6RQfWkBOM7cix7UADqfjtvhbChhSoQV8hOkGtcryE2zDe4lKxYHl0Xa9gvqwW0gzudOAQobpG3SG23rUXSweM0ZtbNWJjfjrjo5cMhKKAB3bSoIIqxDq4OG14w4_fxPBH1B54Uyu4elCYKtbp36_cdH0xrokMdrQgtxfzfd0r1ZjxG6O_Jq3NOFtZNeDukxemBpHSfN0QnsNVA&sai=AMfl-YScpHjFFuzpkKtuW0UeouNjFk8SmhGgG70Y6iEQulFSOFcSDm4TAgFHLdP1q8_CoU0s0fFNCJYvfCt7trYTezxLqAsBIY9sIFwj-X2TyRZIy_D6c_KmPi_cWFxwK3tf-SN0z1dK8zHq5uM3rlqpacUPpisibryUS40klAwdfwf7eYvHz_UwmiyWITGMVpOZLrS_UqPQ_VdFtMr5drcQ518E6JcH_irRqio34J3NfzJuabo&sig=Cg0ArKJSzJrbFCmyRCUPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=747&vt=11&dtpt=421&dett=3&cstd=319&cisv=r20220719.62158&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:00:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8406 7 KB
6 KB 53ms
49ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ddd2ca290d637b7fa121fbb6befa5a994984b297791e6452f48a24fa4053782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5788
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8406 17 KB
6 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:00:44 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 22CC 0
127 B 41ms
41ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 21 Jul 2022 15:00:43 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 IG_Logo_Right.png_1646317550286_IG_Logo_Right.png
s0.2mdn.net/dynamic/2/10930274/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/620cf41be95a233cf5c3d598/original/ Frame 8406 2 KB
2 KB 37ms
37ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10930274/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/620cf41be95a233cf5c3d598/original/IG_Logo_Right.png_1646317550286_IG_Logo_Right.png

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d84e87941b298b1dd8f2955b926916d8de9ccebf237e22a0c42de0aed88a6da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 15:06:27 GMT
x-content-type-options: nosniff
age: 258857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1841
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 14:25:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 15:06:27 GMT

GET
H3 200 IG_Turbo_Switchers_1000_Euro_Cashback_Image_Piggy_Bank_1000x1000.png_1646317550286_IG_Turbo_Switchers_1000_Euro_Cashback_Image_Piggy_Bank_1000x1000.png
s0.2mdn.net/dynamic/2/10930274/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/620cdbe5e95a23cedec240a1/original/ Frame 8406 79 KB
79 KB 39ms
38ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10930274/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/620cdbe5e95a23cedec240a1/original/IG_Turbo_Switchers_1000_Euro_Cashback_Image_Piggy_Bank_1000x1000.png_1646317550286_IG_Turbo_Switchers_1000_Euro_Cashback_Image_Piggy_Bank_1000x1000.png

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f4898663e5e389b3cbc4bd5ca27101f2a24a525e2414cb1860858fd6f898d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 20:19:00 GMT
x-content-type-options: nosniff
age: 585704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80917
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 14:25:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 20:19:00 GMT

GET
H3 200 red-box-top-empty-space2.png_1647370831555_red-box-top-empty-space2.png
s0.2mdn.net/dynamic/2/10930274/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/62178f2b6d848128cf6d98f0/original/ Frame 8406 1 KB
1 KB 38ms
37ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10930274/cdn.ad-lib.io/v3/partners/5c8fc746b301b0322c3f5247/assets/singleFiles/62178f2b6d848128cf6d98f0/original/red-box-top-empty-space2.png_1647370831555_red-box-top-empty-space2.png

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc2323c842142c2e8fa4fefeb4e8097d46f2dc093ad0a61ac66412d4b1b9971b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 14:48:14 GMT
x-content-type-options: nosniff
age: 519150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1315
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 19:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jul 2023 14:48:14 GMT

GET
H3 200 logo.png_1647370831555_logo.png
s0.2mdn.net/dynamic/2/10930274/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/concepts/6165615f827cdee0431ff33f/templates/62161a816d8481c0635aeb8a/content/ Frame 8406 3 KB
3 KB 40ms
40ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10930274/cdn.ad-lib.io/v2/partners/5c8fc746b301b0322c3f5247/assets/concepts/6165615f827cdee0431ff33f/templates/62161a816d8481c0635aeb8a/content/logo.png_1647370831555_logo.png

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9112f1944c248ef716e955e69c274e79ec49cfe6b6ea79335e35b2cf5bfebb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/index.html?e=69&leftOffset=0&topOffset=0&c=CuD0k3Tjzg&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 14:48:14 GMT
x-content-type-options: nosniff
age: 519150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2867
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 19:00:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jul 2023 14:48:14 GMT

GET
H3 200 Matter-Regular.woff
s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/ Frame 8406 34 KB
34 KB 40ms
39ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/Matter-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae607135143b90dab81c8beb3f0ba0f0bf2ac7b9bb6eff2e9f948c7cc5fd1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/fonts.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 14:48:14 GMT
x-content-type-options: nosniff
age: 519150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35032
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 14:40:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 14:48:14 GMT

GET
H3 200 Matter-Bold.woff
s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/ Frame 8406 35 KB
35 KB 45ms
45ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/Matter-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28d88d2f3708ac1e2f82fbd7b7fcca72ef5bb17a7682418e09f855dbdfcdae81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/fonts.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 19:44:09 GMT
x-content-type-options: nosniff
age: 242195
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35744
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 14:40:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 18 Jul 2023 19:44:09 GMT

GET
H3 200 Matter-Medium.woff
s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/ Frame 8406 34 KB
34 KB 42ms
42ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/Matter-Medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc3e1016f3ce1d292ecefa36feb9a334e5dda01113125dc5ee6433d7362b3a33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8187117106374901760/160x600-EU%20Brand/fonts.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 14:48:14 GMT
x-content-type-options: nosniff
age: 519150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35244
x-xss-protection: 0
last-modified: Wed, 30 Mar 2022 14:40:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jul 2023 14:48:14 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C92 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4U2cG2rZYtLqCKKu9u8Px4y9kAoAAAAAOAHgBAI&bg=!CAulC0_NAAZlvz3gRb87ACkAdvg8Wj97jZj_6RB4BPrAGW2LmB764D4_iUbFKkNPKB9tDtZvehNR7wIAAAEWUgAAAAJoAQcKADSagaXPSP3Fs2ZtT5I03nK8NBO2xkd3k34qYnJOUzbV16dC90XhB2CE45m2niFwwds-O7SQmQLwmlbXXzjLP2h6Zs9fVKu_7CS1Sj5-9ygrx6dCAUm9-B7i4yOU48tYpZPuA6hCCyDPJyByUi_Q-PoqpQySKFCiMuLiv9l6ihsSpoO7cRnP5PTXABp9DgLXPtqzaocTq-woWI2Izso3RsFYBWKq7xk3cmRQnV7OwS8rB5UvAHuLFxEdXaXNYn1jSLC74g3r_7HWhRhztNVagJCrZ4LotfFhnwo6NmGrmCv-CLHzFZ2IK0phdX2JT6jRp6rJyNC_2qCud2kQurp88JWDfG7oie1Gh9o4fy0IT4jAbfKqg-fviJwoKBYrpl2JuQMbRryAWx53F7uh52DOO4-SV6b6gKy2iWJ1ZP1uVjsbMIIgJ7z95G7VJSqu60mau7objdmSLVDPgzc7CY3KAbRj5d7uedOQRfT7uHeIKT77IAxY9Ggi8awGRVCLLOhxhWRQSLfv-PyDfySwYqZXZh-5vNjwnstOztKCBZJP1mDUjBsZzt6m1AFeLbHW56rFwtruLztrEF1ZLdaT_KbjcC8YpqdEdn3UM76ud3UGfZeRMjLJZpGN_IVJ_fzPDB5m0yqrp9UFdF0bwVQ7ge_7ioOiunqV3Nrd5UGsXgOqc4SObrw86GITjHO27nzGGou9xBqBM_2F3MhiQVpoSDIl8Pj8Xvdk2PXa-LboZhAK2gnJnCK7vDloPiuV_8fXqGxrMGRwrJPPugAUoZ6otgs0OtLzWfMFtVrvsWfIWRG_Wq3lKQ81aU_iVQnXssQS-1mR1EJcQrTEjSO9ziyhvfEHdIFe72hePbLclwniwUiPOGfKigP5Or_Qx1OYWu_mgoL1by-rKI_51BjzMJHr8lgCwo7l7tgcCgHikky1-3u7yKNx18J16Wmt0GNW4y4i3YyJxle7OvS9HlErOQJqm7LUiHqzFIO56edmHYwMP7B6xGM4d-0dp5tB22uQ-DaowwbeHIgWBJtxRPGQvWLiPBbsNiMa44crDsE4XK-y-4J1SW2SXMXWTZ6uN3k

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js Show response
pagead2.googlesyndication.com/bg/ Frame 8CC4 35 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0028ba0d2a8fd6659914609953bfb4825a1ce60a4e17d90e1e3b9b5fbec3fc75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13853
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 10:29:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F30A 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bf_N6G2rZYqfmCKKF9u8Prd2t6AUAAAAAOAHgBAI&bg=!ExClEFTNAAZlvz3gRb87ACkAdvg8WliYTdeiBADbmLlJWAA61oMDQylqh2aYLLmxdvJn0kMY9l7XbwIAAAE2UgAAAAFoAQcKAEKoRK-VMq6bP_sCJCGEnfZB9FPj-_eFq9-pFGq0BRYpEozlvzLVvYp2f01LMXps976pmqQXNN-Cc8YFNTdYhKI-uGWZAucvF7btkEDGZHx4fCZtVUaURWA2xs0AHjs0mknVd0yL7jvSiwBjlSkp6_n6Nd4J0xQWIn2Y8pW5Yn8dBwxSGqV2oEHax2hRNH1-LEm4ingOARTycPujIKVqroQb4PqNZ3aVkCz7NfVFTspLhY2jOQc4ReIvDanF1U81sR_qeYngvZTk22fWTr6FN4qJ1giqiX58W9DnLY7o0auhlUTqIgpbGm9C_sqI48eX2IW-8lEAdLXjxgCqcGP2lC4-hJzMEQyXUlzxhgnZ_rOtbDg3GDLyUSkiMVwG7Wywmxy8nBsnUEpAILCU3WV9wkHoBcJZ1G-_0ngZYRgOTFeTOo9ztFMskQPjjd9y_EAQ9vVgIicF23lAP02Fi_BeBW21l0HEPaZjY1XljzpSfthQdu1DT1AAtjRa1nc15cKVYNds77K4y7z8u52fK67bhMYKEtTPhMHCEJ5bVlw3uzECLmHig082Uf0lvw6KOEKR40GjYVTCK9drkXBWt6ivpa8oEqig_2CY9Yi4OIBvIdj2evJ2mBTQ3r-BRzGyL_qzLdqfGE5IGHfz-gRjiiOsUM8uomGc-ocIIaN1Sx1pUBqqVEri6qEubz8IR5G_6-2L3LAVBXNRMNGGxzdOqwi3_ScqYb2ekVO4JvAA-8FRvfeejlT_fX0h204n_gPelThcO_R50c8t2_zoelNFEG6mFwJk_xD5UfFUU6EX8584eJyt0LsecSFJg9sz9kQY6NG7yuOMkA9sDUUT3Miv2YDZyyA85RvNDS4gY5KLBW8_VgJIZMMWsnEwtKgVVZAXJULXX7Jak0EY7k92TgoFWbH5pA-Eho5OTMcGTb5n-VxQ8f6d_p9iU8kMlWYI75WwPScTjNB6XCefY72SlJQ0wlXLzT3JSb71qJ-yrgCD2cu_r00857MfDADKs2rrr7k6jHgXU4of1G9b0xIn-wfjVjIS1uE1ItBs_Bw8KoYL6ujGy1I7p9tabfBeTHjdzmcJCQ

Requested by

Host: 3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com
URL: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3277 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTw41G2rZYvfJCN7H7_UPwoWGgAcAAAAAOAHgBAI&bg=!x8SlxIDNAAZlvz3gRb87ACkAdvg8Wg7h8i86Vahiam18vawUmDXUyYE0WU3vZW9x0C6qmjKgvmScAQIAAAE3UgAAAAFoAQeZAu_7dw20GDHvwBmCLlfoOKJICPLmya7FmFsczSyme8xXw-fnyyBiGFuEN-v0DXQg34i0DgrzEdFaeJXLa4cAggQIRJyXwu4P4KyEmEa91ligbxE_k2gNB-dQNweg_RSE61IYe_URsooobGjZISUoSWphWQyMTEnO0gm2YtjBkycaYUOd_fLah0ikUaP15cC5F2BH59cB3l-j7r6j1c646Tb6FgaUnM22F8dSVJyR9i-C8_p-mWIF84AEBpYOtFrZ501j0lLyb5Yt6UudUzQJTEzbL6O3QDL5pD-_Xffz66kGgY2bEWKcFRFQSJjbgi3U1kcjcFcEoDo8ZsatDLZwKG525PG2CzCjcZMcRD0w8HmfiZejYW0j20jrKviW7OZv6AjAjGQFBeL7nbWhiEvnl4xOkk4jFx8v1HLXMkRPap4ldDeNlzUBo6InBWMqYrAzD18gkrM417F62IBZHVa6h8IPJrwcmolby4uIKdgh9q3O0Y6LEsQdSnNdQdu0ept4m3gNz6ZiJAVXI4YsQK-AchMWQhr8ycfgwZEX04PLlx7gl7u30b-kTFcyWzFljy8c9my8t_nUZHVJeOvzfU6HoFeObupEWBrBgYT5DsM29Y4gV-qP-KCUNbJHuUqOEfgf_V7fuU5q5rrFbTgT-KRfAGKQH0qlOHUvUhOf6mBk3kmoYB3pNJfwUDF70hMFo2UAvg_KXn40hP9ZhgYwGfnh-9GwqpbAgAqSWw2fb4I-qbbAAXlrAYsp0wEG-sN1wlhUZm-Xu3xsTkJ5NpX0nmljWWh36a3yuz-p_9x-RsgGRLWZs6UCy0euvERlEDs8Rr395ooXzv9NNx9SluoMSZ4KvsA3LykqC_Ibvs-UASMhfvqtWcQAMfX7tmHGyoX8-BdAz5osRLjiAeEb35KgFxdszoljhmJa4wG8_9_0jA9dfoVmwj5OpfWGESuzh6XZSjTgroca3ZR6pLra1Suspv4GceHcQJu7bV406AC7Y03O66nt

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 50 KB
16 KB 533ms
533ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=8&rand=39594&key=NANOWDGT01&widgetJSId=AR_25&va=true&et=true&format=html&t=ZjA1ZGEzMWZmMGQ0ZDk4MGJmYzBhMzFjZDRkMWQ3ZmE=&adblck=false&abwl=false&px=0&py=2452&vpd=1252&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&iem=1&settings=true&recs=true&version=2000820&sig=fzcKihyX&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c58a539c3edeb736d559dc17c0244d6fa960c2ea171df16bfffb43c0861fd434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:45 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1658415645.516279,VS0,VE496
accept-ranges: bytes
x-served-by: cache-lga21963-LGA, cache-hhn4050-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 2be988fc61c53bb7f88dacdeaf819f60
content-encoding: gzip
content-length: 15815
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 53ms
53ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022071801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js?cb=31068544

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b318a2a692434bc36beb3bccdbab4401687d2fdb60925fb6a71795f6f27cd651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 15:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10986
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js?cb=31068544

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:00:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 97E2 13 KB
5 KB 37ms
37ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 13:21:09 GMT
expires: Fri, 21 Jul 2023 13:21:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 637B 783 B
534 B 48ms
48ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d70463ccaede1c1ba107122e3d4168ffa03f44f6e0b70d83c6868dffd66671bb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bRtQmKnRKloFpdWNRDf_Nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-bRtQmKnRKloFpdWNRDf_Nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:44 GMT
expires: Thu, 21 Jul 2022 15:00:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js Show response
pagead2.googlesyndication.com/bg/ Frame 97E2 35 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ACi6DSqP1mWZFGCZU7-0gloc5gpOF9kOHjubX77D_HU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0028ba0d2a8fd6659914609953bfb4825a1ce60a4e17d90e1e3b9b5fbec3fc75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:29:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13853
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 10:29:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 637B 0
0 102ms
102ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022071801&jk=177848091060524&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 97E2 0
9 B 37ms
37ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ivMkIA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D961 42 B
64 B 80ms
80ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBFfAblazJQagI-YxCCaGm_bEERyyzqsxnX4AYdNzSyeFmkB83BprNHylR87gte2ghiczEBAGn5nQl40QpgbmxI8U1BHqHb4_6I9-z-4nSsgJjWCa2fvNPYB4J64is62oT65jC_A&sai=AMfl-YR7m5X0uF1V62EeKvj78taoT0TRdIWS3I4wLZkcAeQplJGwAd5IEqH2Jt_T-4oJxfvtTHSvHSV8zb-YHPvZ5DXzkipcIHlA4caoJVbiijy5yPcOLYKH7UhGDH4&sig=Cg0ArKJSzI2hSRr2VEjBEAE&cid=CAASJORoUs3tl79BzfNHQ7SFMtiZXYHOwyZAUNSmyjaAXJWsB13alQ&id=lidar2&mcvt=1003&p=451,1558,491,1599&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2273020712&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658415642844&rpt=871&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3ca7938e5ca0cc8becc4819f80d36d7c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 43ms
43ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:44 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 22 Jul 2022 15:00:44 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5B73 15 KB
6 KB 153ms
50ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 15:00:44 GMT
server-processing-duration-in-ticks: 2330
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 132ms
46ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:45 GMT
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 20:59:27 GMT
server: nginx
etag: W/"62c89aaf-15b76"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 22 Jul 2022 15:00:45 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 84 KB
20 KB 714ms
713ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=AR_25&key=NANOWDGT01&version=2000820&apv=true&sig=fzcKihyX&format=html&rand=21482&iem=1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ZjA1ZGEzMWZmMGQ0ZDk4MGJmYzBhMzFjZDRkMWQ3ZmE=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=8&lastIdx=8&lastCardIdx=0&fAB=no_abtest&dpr=1&cw=1600&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000820/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a7b7b903bffe1e853087441a02820651afb7d093bd32d2ca838cbfbd95da725e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:45 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1658415645.069346,VS0,VE675
accept-ranges: bytes
x-served-by: cache-lga21947-LGA, cache-hhn4050-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 22ad05f05b956d47521c1b0395aec202
content-encoding: gzip
content-length: 20697
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5B73
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=snbfgXxXNFk1aHZpeWZqcUk3TGxLTEMwU2RpOXZ4VFloRHJHSGllemF1UlhHNnRPV1V1TXVCbjB1SEVRa2VsTHFxUG90MDExTko4WEYvZUtlcmYrR1Fuc1dId0R2ZW9DbjJCMXd3eEI4bjZ0UlFROEFXYjNnSjNIYW1iLz...

417 B
628 B

161ms
50ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=snbfgXxXNFk1aHZpeWZqcUk3TGxLTEMwU2RpOXZ4VFloRHJHSGllemF1UlhHNnRPV1V1TXVCbjB1SEVRa2VsTHFxUG90MDExTko4WEYvZUtlcmYrR1Fuc1dId0R2ZW9DbjJCMXd3eEI4bjZ0UlFROEFXYjNnSjNIYW1iLzNURlorQmpUdTBZZnl1VFRYQWZITW52OWxUYVBtWnFCVTlDNW9iMU9GcnhPODlNQWJYSnRSUkh4WVFuUVdEZCtpNzh2VEdYMm9neXBNSGE5WlBPSzJHWHRzT2ZreE1HdGplNm9tWURtTjVZbmxNNlZ3Yzhyc3F4ejhnTGxSRFpXUGJZNS9ObGJzRWhYOEFtOXF1OWt6VEpNNzQ3UnRJZz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

38a6e194c0e49db2122f6f2bb70dfbe73931f928201a5bb87fb01a05e49b7831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4264
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=snbfgXxXNFk1aHZpeWZqcUk3TGxLTEMwU2RpOXZ4VFloRHJHSGllemF1UlhHNnRPV1V1TXVCbjB1SEVRa2VsTHFxUG90MDExTko4WEYvZUtlcmYrR1Fuc1dId0R2ZW9DbjJCMXd3eEI4bjZ0UlFROEFXYjNnSjNIYW1iLzNURlorQmpUdTBZZnl1VFRYQWZITW52OWxUYVBtWnFCVTlDNW9iMU9GcnhPODlNQWJYSnRSUkh4WVFuUVdEZCtpNzh2VEdYMm9neXBNSGE5WlBPSzJHWHRzT2ZreE1HdGplNm9tWURtTjVZbmxNNlZ3Yzhyc3F4ejhnTGxSRFpXUGJZNS9ObGJzRWhYOEFtOXF1OWt6VEpNNzQ3UnRJZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1504
content-length: 541
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=95V8pnxLMVhkUkpxTHNwckdpOFZ0RXNXWWVKcXlTYW4vdWR1UzJuUG8zMEs3cExXZzlvRnNvMEFVZ1BDUFhoVHNEZUVFeDhOdGJEOU5Mb1ROd0VLeXBJL1lQT0RoaEdkRTFEUWdUNDRFVk9FSHNkL3NrVnJJaUpHMytqcH...

404 B
659 B

51ms
51ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=95V8pnxLMVhkUkpxTHNwckdpOFZ0RXNXWWVKcXlTYW4vdWR1UzJuUG8zMEs3cExXZzlvRnNvMEFVZ1BDUFhoVHNEZUVFeDhOdGJEOU5Mb1ROd0VLeXBJL1lQT0RoaEdkRTFEUWdUNDRFVk9FSHNkL3NrVnJJaUpHMytqcHVsQnhXNEFXd0l3Y1VUV1Uzd3JSWVhLdHlGaTFObGJtc1JxQ1g3TjdOMjY2R0pEWVRpT2xSTEpucFNCWENZMkw0THZCZXZxYklvc3ZSNkhVNHRXbkZPNnNhdndTdERWVDR4NnZWK25LOU1XRkxtOW12eDEwbi9NcldoSmpSWjd0THBxTXNFcXZRMUR6WjlVTFZRckNMejRBeEFMQktuZz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

99e48c0cf077b609f778228d5dd1e78fb1c895d50672c326af0863277b887d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:44 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3344
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:45 GMT
location: https://mug.criteo.com/sid?cpp=95V8pnxLMVhkUkpxTHNwckdpOFZ0RXNXWWVKcXlTYW4vdWR1UzJuUG8zMEs3cExXZzlvRnNvMEFVZ1BDUFhoVHNEZUVFeDhOdGJEOU5Mb1ROd0VLeXBJL1lQT0RoaEdkRTFEUWdUNDRFVk9FSHNkL3NrVnJJaUpHMytqcHVsQnhXNEFXd0l3Y1VUV1Uzd3JSWVhLdHlGaTFObGJtc1JxQ1g3TjdOMjY2R0pEWVRpT2xSTEpucFNCWENZMkw0THZCZXZxYklvc3ZSNkhVNHRXbkZPNnNhdndTdERWVDR4NnZWK25LOU1XRkxtOW12eDEwbi9NcldoSmpSWjd0THBxTXNFcXZRMUR6WjlVTFZRckNMejRBeEFMQktuZz09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1421
content-length: 541
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 138ms
46ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 21 Jul 2022 15:00:44 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1188
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 4BA8 6 KB
2 KB 54ms
54ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d7edd472ed43536f33a822114402d6493cd20a16bb1d04423f03c6c091f1320

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72e4ced6f93d9290-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A14D 281 B
554 B 205ms
37ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 21 Jul 2022 15:00:45 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DCDD 15 KB
6 KB 39ms
39ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=29767
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:45 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 21 Jul 2022 23:16:52 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9DDD 52 KB
17 KB 205ms
41ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 21 Jul 2022 15:00:45 GMT
ETag: "623de86a-cf34"
Expires: Fri, 22 Jul 2022 15:00:47 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame AE33 3 KB
2 KB 210ms
48ms Document
text/html 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1388
Content-Type: text/html; charset=UTF-8
Date: Thu, 21 Jul 2022 15:00:45 GMT
ETag: "e20015-b6b-5d84d0db0c30a"
Last-Modified: Fri, 18 Feb 2022 16:05:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame ED71 37 B
139 B 41ms
41ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 21 Jul 2022 15:00:45 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame CF89 0
0 39ms
38ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1658415641929

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 5D6E 0
35 B 89ms
49ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/485d39a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 21 Jul 2022 15:00:45 GMT
server: OXGW/485d39a
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E965 52 KB
17 KB 195ms
41ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1658361600000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 21 Jul 2022 15:00:45 GMT
ETag: "623de86a-cf34"
Expires: Fri, 22 Jul 2022 15:00:47 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK prebid
b1h-euc1.zemanta.com/usersync/ 26 B
151 B 40ms
39ms Image
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1h-euc1.zemanta.com/usersync/prebid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 15:00:45 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 82ms
82ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022071801&jk=177848091060524&bg=!goGlgcXNAAZlvz3gRb87ACkAdvg8WunVuTF1kStb1muuRa0qQFY9hZ4dPd5EW29urvFXuU4SeMajTAIAAABVUgAAAAJoAQeZApoRp-2_fkRtUP6NOjVfX6PnKgQ7BWNdUwZnvHvTtm64uD95_ao9dxnyg7aexcRhGNNHpCPClR5L5K_VFr3n4mqrytQr7UFYqPj4B34PCW9F2Jjb5P6CJBToju4P0IFoDDTQ95-fFrPP98fXYU73IRMfv1k0LJacGc-iHcQKs8tQImQphunipk7KuhxHC3UArkNsIb3ITluFCYL6IJA6nx9xDlQnPE29XdnJ8kyELEFsJ1ivFPVfl2ysQ2adqjczMGWbICsBWFDHCPey32P5sMvFB_7fnxUOuZGHLVSgzYaSJMn6DRsdrheQKy2eZAOx6d5sxEl3-INoKkZ6BwgBAb_K65y62VGOKNmg3FO1lstaRQEOCbv6iRauZHpeQ_zGukooDEM4uEH_E1abZ2CGgH0kg_rvNKGa1T2_ilDiTGQTCVcQlNHsuS9F0mvoovO9xHstPYnzK53GJLrYqSwGD2gWe67p0DurzMTjfOnTBXa9R7Qnm_r29YwFsZBL4Tsaqkpk3KL7zxklooo20wnboz_AXqfDmtoYPm8XQkiqTXsWrBwc7Yd8-ezLOnfngVMV8GTg3P9H-57tPvZzOOXguHTTLjYzon7UmrjeyuK35LSQu2l7VQ1pQ8qO0DtDV1s6iPDfNejmg_kbRZtL6MEpEoDAS5RS6Oawv3HjmUz-vq8u6Fp03RTlKPw1yzKjXxMuLf5p_x-YsKz_B134c_J9XiMJ5yzgIChIF-G7NmnT_WlJoGnKGshPqn0o3-eN7vVj80LQ-xW6R9qDnA2YKGvVPzWMaEpd2JWvLF0q9y6sih3AS2dTHoDMs7QaUcXzygKviDzIRtclGnwpULyw8qy-tTfy47V1X0yqpMXY2x0HP9cBZreHFKyTZcNEu-I
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 143ms
48ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 21 Jul 2022 15:00:45 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1027
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 4BA8 48 KB
12 KB 52ms
52ms Script
application/javascript 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2366
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"607873db-c1ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 72e4ced83aa89290-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A14D 31 KB
10 KB 44ms
44ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 15:00:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54196
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9450
Expires: Fri, 22 Jul 2022 06:04:01 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9DDD 0
741 B 45ms
44ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:45 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ee9eabaa-ce87-46a9-bc25-64ba9e54e910
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E965 0
741 B 44ms
43ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:45 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 19a91a7d-a322-47db-a173-8732fd50a137
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame DE90 2 KB
2 KB 74ms
74ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5099146ac3b0daaaef5d90e0bea0ecf4ba824a2db6634bc2f76c07da51ccc8e3

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 72e4ced8b8036928-FRA
content-encoding: br
content-type: text/html
date: Thu, 21 Jul 2022 15:00:45 GMT
dropped-udsids: 230|241|39|46|5|188|73|88
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R97KzQjEiIJfxqw56Bc8Ja6lmd0Efxy7qL4SgCtt6oT0TQd1oz%2FWSEd7ZuJ6lo6QFFOlmxEnRK%2FlNzXMVv%2Bxq7fqFy6KDAYUOeijC%2BloRXXnFi6ug5QQ9y%2B6rd3Nx7V6brHk%2BV%2B00u6CGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame F8D2 0
547 B 54ms
54ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72e4ced8cb509290-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame 3F66
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=09b6e8fe602f87860209682331428310

43 B
1 KB

44ms
43ms

Document
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=09b6e8fe602f87860209682331428310

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid: 77924f97-a47c-44a8-81d2-194f0683e3b2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 21 Jul 2022 15:00:45 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72e4ced8cb559290-FRA
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=09b6e8fe602f87860209682331428310
server: cloudflare

GET
H3 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 47C3 1 KB
914 B 125ms
82ms Document
text/html 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 72e4ced96ad068e5-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame DE90 170 B
188 B 48ms
47ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YtlqGmNDH3nKuhWYH7btgAAABHkAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame DE90
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtlqGmNDH3nKuhWYH7btgAAABHkAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtlqGmNDH3nKuhWYH7btgAAABHkAAAIB&dcc=t

43 B
645 B

132ms
132ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtlqGmNDH3nKuhWYH7btgAAABHkAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: X71EQM28XP6MA4N62XX8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Y8K77ZFAWXBPKSZBEHEA
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtlqGmNDH3nKuhWYH7btgAAABHkAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame DE90 70 B
264 B 57ms
56ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame DE90 0
0 149ms
58ms Image
text/html 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 ix
ad4m.at/ad/sim/ Frame DE90 0
0 146ms
56ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 204 CookieIndex
rtb.adentifi.com/ Frame DE90 0
35 B 378ms
123ms Image
text/plain 54.243.198.75
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.198.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-198-75.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:45 GMT

GET
H2 200 YtlqGmNDH3nKuhWYH7btgAAABHkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DE90 43 B
984 B 60ms
59ms Image
image/gif 2a05:d018:d29:3601:8acf:2f57:4f13:f9f7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YtlqGmNDH3nKuhWYH7btgAAABHkAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:8acf:2f57:4f13:f9f7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2 200 ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame DE90 85 B
259 B 131ms
130ms Image
image/png 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:45 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1658415646.644850,VS0,VE93
x-served-by: cache-hhn4077-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
content-length: 85
x-cache-hits: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame DE90 43 B
425 B 38ms
37ms Image
image/gif 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YtlqGmNDH3nKuhWYH7btgAAA%261145
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 15:00:45 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1391
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 21 Jul 2022 15:23:56 GMT

GET
H/1.1

200
OK

getuid Show response
sync.smartadserver.com/ Frame 797E
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

0
75 B

48ms
48ms

Document
text/plain

185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 21 Jul 2022 15:00:45 GMT

Redirect headers

cache-control: no-cache,no-store
content-length: 0
date: Thu, 21 Jul 2022 15:00:44 GMT
location: https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A14D
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVWNVVSNTEtUS1FWTdH

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVWNVVSNTEtUS1FWTdH

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVWNVVSNTEtUS1FWTdH
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame A14D
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=eilss2H9QQigwzj6ajauPQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eilss2H9QQigwzj6ajauPQ

43 B
556 B

59ms
59ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eilss2H9QQigwzj6ajauPQ

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: V3NCVKJ2T6J13E9WMEMP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=eilss2H9QQigwzj6ajauPQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame A14D 70 B
264 B 58ms
55ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A14D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=j42ckRgzSCOedTgK2hpXMw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=j42ckRgzSCOedTgK2hpXMw

43 B
556 B

135ms
135ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=j42ckRgzSCOedTgK2hpXMw

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 222YZQNG197DTT4YGYR4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=j42ckRgzSCOedTgK2hpXMw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame A14D
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5V5UR51-Q-EY7G&sigv=1&esig=2~483cbf686cfd4ed62e5dd5909f988d15260907e7

0
194 B

287ms
37ms

Image
text/plain

2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5V5UR51-Q-EY7G&sigv=1&esig=2~483cbf686cfd4ed62e5dd5909f988d15260907e7

Protocol

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:46 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5V5UR51-Q-EY7G&sigv=1&esig=2~483cbf686cfd4ed62e5dd5909f988d15260907e7
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame A14D
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5V5UR51-Q-EY7G

0
706 B

483ms
235ms

Image
text/plain

2620:1ec:22::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5V5UR51-Q-EY7G
Protocol: H2
Server: 2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:45 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3A75E5FFDE59461C8EF6BF0EC01A5A20 Ref B: VIEEDGE3021 Ref C: 2022-07-21T15:00:46Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXkUft7EXCiDYyLqGP/6w==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5V5UR51-Q-EY7G
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame A14D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGgO5ufW-5vqTlYFeUo0Wqs&google_cver=1

0
239 B

41ms
40ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGgO5ufW-5vqTlYFeUo0Wqs&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGgO5ufW-5vqTlYFeUo0Wqs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A14D
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFmODZmZTBlZGUzNDFjMWQzYmQwNjgwM2ZmNTMwMjg0MjNkMzA3Mw

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFmODZmZTBlZGUzNDFjMWQzYmQwNjgwM2ZmNTMwMjg0MjNkMzA3Mw

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 15:00:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFmODZmZTBlZGUzNDFjMWQzYmQwNjgwM2ZmNTMwMjg0MjNkMzA3Mw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame EB71 0
0 41ms
40ms Document
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 3bafef7aa4e37890defcd73f0a080481

GET
H3 204 1
sync-eu.connectad.io/syncer/ Frame 810B 0
0 55ms
54ms Document
text/plain 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 72e4ced9fbd868e5-FRA
date: Thu, 21 Jul 2022 15:00:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame FA55 15 KB
6 KB 40ms
39ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=29767
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:45 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 21 Jul 2022 23:16:52 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

YtlqGmNDH3nKuhWYH7btgAAA%261145 Show response
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame DD99
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtlqGmNDH3nKuhWYH7btgAAA%261145

0
608 B

58ms
57ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtlqGmNDH3nKuhWYH7btgAAA%261145
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72e4cedabe1b9290-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 72e4ceda6a826928-FRA
content-length: 0
date: Thu, 21 Jul 2022 15:00:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtlqGmNDH3nKuhWYH7btgAAA%261145
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7OPLEo2hK1mpqsmCTFkxh0GW0DyUKLCvaAJo5ha3C6nfmzoR4wqTpEkHbz9ExZm0V0VT7t1SSeFsxfh08OdnUao6hFFfIcTTQRTcTmU4Z3dDLGx43fo9vWT2J3cTmten1N6WYc3m0HsjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame FA55 0
39 B 42ms
42ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81848115&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 15:00:44 GMT
content-length: 0

GET
H2

200

/ Show response
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 9AC6
Redirect Chain

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

0
80 B

61ms
61ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72e4cede2a809290-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 92
Content-Type: text/html; charset=utf-8
Date: Thu, 21 Jul 2022 15:00:46 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma: no-cache

GET
H2

200

01bfd919-eb5a-47c7-91d3-f456fe0904cd Show response
csync.smilewanted.com/set_partner_userid_get/loopme/ Frame 9C4B
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/loopme/01bfd919-eb5a-47c7-91d3-f456fe0904cd?gdpr_consent=null&gdpr=0

0
699 B

53ms
53ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/loopme/01bfd919-eb5a-47c7-91d3-f456fe0904cd?gdpr_consent=null&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72e4cedce86d9290-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 72e4cedc8ddd9bda-FRA
content-length: 0
date: Thu, 21 Jul 2022 15:00:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://csync.smilewanted.com/set_partner_userid_get/loopme/01bfd919-eb5a-47c7-91d3-f456fe0904cd?gdpr_consent=null&gdpr=0
server: cloudflare

GET
H2

200

y-R8COq3tE2uEk28djeUmGoFfCYQmAHedgeWWnUOA-~A&gdpr=0&gdpr_consent= Show response
csync.smilewanted.com/set_partner_userid_get/yahoo/ Frame 571F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-R8COq3tE2uEk28djeUmGoFfCYQmAHedgeWWnUOA-~A&gdpr=0&gdpr_consent=

0
676 B

59ms
58ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-R8COq3tE2uEk28djeUmGoFfCYQmAHedgeWWnUOA-~A&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72e4cedcd8669290-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

age: 0
content-length: 0
date: Thu, 21 Jul 2022 15:00:46 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-R8COq3tE2uEk28djeUmGoFfCYQmAHedgeWWnUOA-~A&gdpr=0&gdpr_consent=
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.0.46
strict-transport-security: max-age=31536000

GET
H2

200

88218977-7a02-4316-8132-0e11d03ff92b Show response
csync.smilewanted.com/set_partner_userid_get/openx/ Frame 6070
Redirect Chain

https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
https://csync.smilewanted.com/set_partner_userid_get/openx/88218977-7a02-4316-8132-0e11d03ff92b

0
945 B

55ms
55ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/openx/88218977-7a02-4316-8132-0e11d03ff92b
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 72e4cedca8339290-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 15:00:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 0
content-type: text/html
date: Thu, 21 Jul 2022 15:00:46 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/openx/88218977-7a02-4316-8132-0e11d03ff92b
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/485d39a
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9DDD 0
741 B 47ms
46ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 15:00:46 GMT
X-Proxy-Origin: 80.255.7.107; 80.255.7.107; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c84ac7b1-0889-4354-8548-28cdd1353ebb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E965 0
741 B 44ms
44ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS