www.walla.co.il Open in urlscan Pro
143.204.215.15 Public Scan

URL: https://mail.walla.co.il/

URL: https://zoom.walla.co.il/
Title: וואלה! Zoomמגזין תוכן

URL: https://news.walla.co.il/
Title: חדשות

URL: https://sports.walla.co.il/
Title: ספורט

URL: https://e.walla.co.il/
Title: תרבות

URL: https://celebs.walla.co.il/
Title: סלבס

URL: https://finance.walla.co.il/
Title: כסף

URL: https://food.walla.co.il/
Title: אוכל

URL: https://healthy.walla.co.il/
Title: בריאות

URL: https://travel.walla.co.il/
Title: תיירות

URL: https://fashion.walla.co.il/
Title: אופנה

URL: https://www.sheee.co.il/
Title: Sheee

URL: https://nadlan.walla.co.il/
Title: נדל"ן

URL: https://www.wallashops.co.il/home?utm_source=wallahp1&utm_medium=topnav&utm_campaign=kniyot
Title: קניות

URL: https://mekomi.walla.co.il/
Title: מקומי

URL: https://cars.walla.co.il/
Title: רכב

URL: https://www.yad2.co.il/?utm_source=walla&utm_medium=logo

URL: https://tech.walla.co.il/
Title: טכנולוגיה

URL: https://b.walla.co.il/
Title: ברנז'ה

URL: https://marketing.walla.co.il/
Title: שיווק ודיגיטל

URL: https://home.walla.co.il/
Title: בית ועיצוב

URL: https://gaming.walla.co.il/
Title: גיימינג

URL: https://mazaltov.walla.co.il/
Title: בדרך לחתונה

URL: https://vod.walla.co.il/
Title: VOD

URL: https://horoscope.walla.co.il/zodiacs
Title: רוח והורוסקופ

URL: https://judaism.walla.co.il/
Title: יהדות

URL: https://law.walla.co.il/
Title: משפטי

URL: https://career.walla.co.il/
Title: קריירה

URL: https://tld.walla.co.il/category/13221
Title: weshow

URL: https://fun.walla.co.il/
Title: משחקים

URL: https://fantasy-sport1.walla.co.il/?utm_source=app&utm_medium=hamburger&utm_campaign=RM_WallaSport
Title: ליגת החלומות

URL: https://seniors.walla.co.il/
Title: הוותיקים המבטיחים

URL: https://healthy.walla.co.il/category/594
Title: הורות וילדים

URL: https://now.walla.co.il/
Title: NOW

URL: https://calendar.walla.co.il/
Title: לוח שנה

URL: https://tv-guide.walla.co.il/
Title: לוח שידורים

URL: https://holidays.walla.co.il/
Title: שבתות וחגים

URL: https://www.b144.co.il/?sitecode=10&subsitecode=1406&site=walla&utm_source=walla&utm_medium=header
Title: B144

URL: https://mazaltov.walla.co.il/weddingdresses/
Title: שמלות כלה

URL: https://tld.walla.co.il/
Title: טוב לדעת

URL: https://beauty.walla.co.il/
Title: ביוטי

URL: https://perfectmatch.walla.co.il/
Title: חיבורים מושלמים

URL: https://mumlazim.walla.co.il/
Title: מומלצים

URL: https://b144.walla.co.il/
Title: עסקים קטנים

URL: https://yoram.walla.co.il/
Title: לימודים

URL: https://paisculture.walla.co.il/
Title: פיס בתרבות

URL: https://www.drushim.co.il/
Title: דרושים

URL: https://tmirecycle.walla.co.il/
Title: קיץ של מחזור

URL: https://starkist.walla.co.il/
Title: כל מה שטוב בטונה

URL: https://dogsandcats.walla.co.il/
Title: כלבים וחתולים

URL: https://galil.walla.co.il/
Title: גליל, תשאלו כל דחליל

URL: https://yarokkl.walla.co.il/
Title: שומרים על כדור הארץ

URL: https://madaney.walla.co.il/
Title: מדעני העתיד

URL: https://www.wallashops.co.il/%D7%9E%D7%91%D7%A6%D7%A2%D7%99%D7%9D-3?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=mivtzeim
Title: מבצעים

URL: https://www.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=wallashops
Title: וואלה! שופס

URL: https://eilat.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=EILAT
Title: וואלה! שופס אילת

URL: https://www.wallatours.co.il/zimmer/
Title: צימרים

URL: https://www.wallaprint.co.il/?utm_source=WALLA&utm_medium=HP&utm_campaign=PRINTtext
Title: אלבומים

URL: https://vod.walla.co.il/movies
Title: סרטים

URL: https://vod.walla.co.il/tvshows
Title: סדרות

URL: https://viva.walla.co.il/
Title: ויוה

URL: https://www.facebook.com/wallanews

URL: https://twitter.com/WallaNews

URL: https://www.instagram.com/wallanews/

URL: https://www.tiktok.com/@walla.news

URL: https://help.walla.co.il/
Title: עזרה

URL: https://help.walla.co.il/section/12344
Title: כתבו לנו

URL: https://dcx.walla.co.il/walla/terms/terms.pdf
Title: תנאי שימוש

URL: https://dcx.walla.co.il/walla_news_files/a516a87cfcaef229b342c437fe2b95f7.pdf
Title: מדיניות פרטיות

URL: https://apps.walla.co.il/
Title: אפליקציות

URL: https://www.wallashops.co.il/home?utm_source=wallahp1&utm_medium=walla&utm_campaign=hpnemalakniut_1
Title: קניות

URL: https://www.wallashops.co.il/%D7%9E%D7%91%D7%A6%D7%A2%D7%99%D7%9D-3?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=sales
Title: מבצעים

URL: https://bit.ly/3cy45s1
Title: וואלה!פרינט

URL: https://healthy.walla.co.il/category/13034
Title: הורים טריים

URL: https://horoscope.walla.co.il/
Title: הורוסקופ

URL: https://vod.walla.co.il/hot
Title: HOT VOD

URL: https://news.walla.co.il/breaking
Title: מבזקי חדשות

URL: https://news.walla.co.il/break/3549007
Title: 07:56אוסטרליה: "מקבלים את 2023 ללא הגבלות קורונה"

URL: https://news.walla.co.il/break/3549003
Title: 06:49אבו מאזן: "מברכים על החלטת האו"ם, ישראל תישא באחריות לפשעיה"

URL: https://news.walla.co.il/break/3549014
Title: 08:21איראן: בית המשפט קיבל ערעור של מפגין הנידון למוות, והחזיר את תיקו לבדיקה

URL: https://bit.ly/3QIYsbr

URL: https://e.walla.co.il/item/3548546

URL: https://e.walla.co.il/item/3548793
Title: לא הלוטוס הלבןהמצעד: זו הסדרה הכי טובה של 2022

URL: https://b.walla.co.il/item/3548738
Title: חושך בטלוויזיה2022 השחורה: ההתרסקות של רשת וקשת

URL: https://food.walla.co.il/item/3548067
Title: כיוונו גבוההם רצו לעשות את הבשר הכי טוב בישראל

URL: https://healthy.walla.co.il/item/3548069
Title: גם אתם ביניהם?1 מכל 3 אנשים סובל מתופעה החדשה הזו

URL: https://travel.walla.co.il/item/3548724
Title: גם עבור מטייליםהיחידה שמצלמת כל מקום. אבל כ-ל מקום

URL: https://news.walla.co.il/item/3548845
Title: משנה את כללי המשחקכשהבינה המלאכותית מחליפה את הטבעית: הצ'אטבוט שמאיים לשנות את פני האקדמיה

URL: https://news.walla.co.il/item/3547928
Title: תחסרו לנוהמלכה ששלטה 70 שנה והמנהיג האחרון של ברית המועצות: האישים שאיבדנו ב-2022

URL: https://sports.walla.co.il/item/3549001
Title: הכל מהכלהירידה לספסל לא הפריעה לדני אבדיה לספק תצוגה מרשימה

URL: https://madaney.walla.co.il/item/3480342
Title: בשיתוף מרכז מדעני העתיד, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.התוכנית שתעזור לילדים שלכם לפרוץ את כל הגבולותבשיתוף מרכז מדעני העתיד

URL: https://cars.walla.co.il/item/3548868
Title: סוגרים את 2022יש גם כאלה שעלו: מי איבד הכי הרבה ערך בשוק המשומשות?

URL: https://e.walla.co.il/item/3549002
Title: "פורצת דרך"מגישת הטלוויזיה האגדית ברברה וולטרס הלכה לעולמה

URL: https://paisculture.walla.co.il/item/3547462
Title: בשיתוף מפעל הפיס, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מאחורי הקלעים של מפעל הפיס: איך מחליטים באילו אמנים לתמוך?בשיתוף מפעל הפיס

URL: https://food.walla.co.il/item/3547925
Title: טאבון גז ניידהמחיר מאוד אטרקטיבי, אבל בנוגע לשאר?

URL: https://finance.walla.co.il/item/3548710
Title: שנה מטלטלתמלא תהפוכות: המנכ"לים מסכמים 2022 גועשת

URL: https://food.walla.co.il/item/3544574
Title: כל המנות, כל ההפתעות: מדריך המסעדות לסילבסטריניב גרנות

URL: https://healthy.walla.co.il/item/3548494
Title: מה סופ"ש האלכוהול הזה יעשה לגוף?ד״ר יורם מנחם

URL: https://fashion.walla.co.il/item/3548361
Title: הלוקים הכי ויראליים של 2022טלי ארבל

URL: https://tld.walla.co.il/item/3542996
Title: AiGAiN: המכשיר שעושה מהפכה במלחמה בקמטים - במבצע היכרותמוגש מטעם בי קיור לייזר

URL: https://tld.walla.co.il/item/3522160
Title: עור חלק יותר כבר אחרי שימוש אחד במכשיר המהפכני לטיפול ביתימוגש מטעם בי קיור לייזר

URL: https://103.walla.co.il/item/3464967

URL: https://e.walla.co.il/item/3547978
Title: ברוק שילדס: כפו עליי להתאהב ולהיות ערומה עם כוכב "הלגונה הכחולה" כשהייתי בת 14

URL: https://e.walla.co.il/item/3548628
Title: מאסי כהן עד נטפליקס: העימותים הגדולים של דצמבר 2022

URL: https://www.outbrain.com/what-is/default/he

URL: https://news.walla.co.il/item/3548964
Title: שאלת הכיבוש הישראלי תופנה לבית הדין בהאג, הפלסטינים חוגגים

URL: https://news.walla.co.il/item/3548985
Title: היכונו לשנת 2023: איפה יקבלו את השנה החדשה לפני כולם?

URL: https://news.walla.co.il/item/3548880
Title: "היה בבואה של הדור": הלך לעולמו הצנחן האגדי והחקלאי המסור מבית השיטה

URL: https://sports.walla.co.il/item/3549005
Title: עם נציגות ישראלית: הקבוצה שכמעט החתימה את רונאלדו

URL: https://sports.walla.co.il/item/3548978
Title: ביום הולדתו ה-38: לברון ג'יימס הזכיר למה הוא "המלך"

URL: https://sports.walla.co.il/item/3548990
Title: חצי מיליון יורו ביום?! פרטי החוזה של רונאלדו, שמדבר לראשונה על העסקה

URL: https://sport1.maariv.co.il/square/article/1015423/
Title: "שונאת שקוראים לי טרנסג'נדרית": הדוגמנית שיצאה עם אמבפה פותחת הכל

URL: https://news.walla.co.il/category/5108
Title: אסור לפספס

URL: https://home.walla.co.il/item/3548568
Title: יש לכם במדיח פיצ'ר שלא הכרתם - ובעזרתו תשימו סוף לבעיה ממש מציקה

URL: https://travel.walla.co.il/item/3547068
Title: תגלית מפתיעה: לנחשות יש שני דגדגנים - והן נהנות ורוצות יותר סקס

URL: https://tld.walla.co.il/item/3546134?lm_supplier=16893&lm_bc=18422
Title: מוגש מטעם TI SWIM, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.10 שבועות ושוחים חצי שעה חתירה בקלות! TI מתחייבים!מוגש מטעם TI SWIM

URL: https://www.sheee.co.il/item/3546745
Title: "תפסתי את החבר שלי מענג את חברתי - והם אמרו שאני מפריעה"

URL: https://e.walla.co.il/item/3548674
Title: "אהבה בשחקים" מקום חמישי: אלה הסרטים הטובים של השנה

URL: https://e.walla.co.il/item/3548875
Title: אילנה דיין, שחררי מהאובססיה לביבי ותחזרי לעשות טלוויזיה טובה

URL: https://e.walla.co.il/item/3548794
Title: יש בסרט הזה המון סקס והמון סמים, אבל הדבר החשוב ביותר איננו

URL: https://celebs.walla.co.il/item/3548776
Title: האנשים, הסקנדלים והאירועים שעשו לכם את השנה החולפת

URL: https://celebs.walla.co.il/item/3548597
Title: מקנדל ועד הארי: חידון הרכילות השלם לשנת 2022

URL: https://celebs.walla.co.il/item/3548815
Title: הדר מוכתר או בן אל תבורי? המשפיענים עושים לכם סדר

URL: https://celebs.walla.co.il/blog/3548737
Title: לכבוד השנה החדשה: יוצאת הריאליטי הצטלמה טופלס

URL: https://www.manpower.co.il/?utm_source=walla&utm_medium=content&utm_campaign=jobs_search_new

URL: https://tld.walla.co.il/item/3542996?obOrigUrl=true
Title: AiGAiN: המכשיר שעושה מהפכה במלחמה בקמטים וואלה! טוב לדעת

URL: https://www.finarsky.co.il/archives/1412?obOrigUrl=true
Title: הסדרת מעמד של ישראלים השוהים בחו"ל מכל סיבה שהיא אל מול רשויות הצבא עורך דין אבי פינרסקי | עורך דין פלילי עורך דין צבאי | ממומן

URL: https://e.walla.co.il/item/3549012?obOrigUrl=true
Title: האחרונים מבינינו, ג'יני וג'ורג'יה, חיי השקר של המבוגרים, כבודו: מדריך סדרות ינואר 2023 תרבות

URL: https://shefence-citional.com/05b647a3-ac78-48c2-9dbb-31cddb69ab67?utm_source=ob&utm_campaign=GutDE_DesktoptCPA_2309&utm_term=$section_name$&utm_content=00838a7a749ba884d2c0e5fb2b42536340-Darm-Arzt%3A+Ich+flehe+alle+Deutschen+an%2C+ihren+Darm+mit+diesem+Tipp+dur&t=$ob_click_id$&a=ob&obOrigUrl=true
Title: Darm-Arzt: Ich flehe alle Deutschen an, ihren Darm mit diesem Tipp durchzuspülen (jeden Morgen) gesundheitdarm.com | ממומן

URL: https://finance.walla.co.il/item/3548723
Title: אפס ביחסי אנוש: מה עובר על האיש העשיר בעולם?

URL: https://finance.walla.co.il/item/3548726
Title: "הקליימטק יהפוך להשקעה המובילה בתוך שלוש שנים"

URL: https://finance.walla.co.il/item/3548716
Title: בלינג בלינג: פריטים נוצצים לערב של פעם בשנה

URL: https://food.walla.co.il/item/3462147
Title: בקערה אחת, ברור: "עוגת למי יש כוח בסופ"ש" מושלמת

URL: https://food.walla.co.il/item/3547825
Title: סטייק של מסעדה, בבית: כשמקדש בשר ישראלי דופק בדלת

URL: https://healthy.walla.co.il/item/3515335
Title: סוגרים שנה: זו המחלה שהכי הפחידה אתכם בשנת 2022

URL: https://healthy.walla.co.il/item/3548055
Title: באיזה גיל מותר להתחיל להוריד שיער מהרגליים - והאם זה יעיל?

URL: https://tld.walla.co.il/item/3540204?lm_supplier=16893&lm_bc=9857
Title: מוגש מטעם שחל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הTripleSafe של שחל: 3 מכשירים שיכולים להציל חיים (ואחד במתנה)מוגש מטעם שחל

URL: https://tld.walla.co.il/item/3373407?lm_supplier=16893&lm_bc=9857
Title: מוגש מטעם "גברא", הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הסוד לשיפור חיי המין שלכם – כעת במבצע מיוחדמוגש מטעם "גברא"

URL: https://tld.walla.co.il/item/3495186
Title: מוגש מטעם בי קיור לייזר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בלעדי: בי-קיור לייזר במבצע התנסות במחיר חסר תקדיםמוגש מטעם בי קיור לייזר

URL: https://tld.walla.co.il/item/3195867?lm_supplier=16893&lm_bc=9857
Title: מוגש מטעם שחל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בדיקה חכמה חושפת סיכון לשבץ מוחי - כעת במבצע מיוחדמוגש מטעם שחל

URL: https://travel.walla.co.il/item/3548514
Title: סופסוף יש תשובה: האם דיוטי פרי באמת יותר זול?

URL: https://travel.walla.co.il/item/3548244
Title: צוללן בים סוף הותקף וננשך על ידי דג עם שיניים אנושיות

URL: https://travel.walla.co.il/item/3547414
Title: החלו טיסות ישירות לאתר הסקי והשופינג הכי זול באירופה

URL: https://fashion.walla.co.il/item/3548919
Title: אבדה לעולם האופנה: מעצבת העל ויויאן ווסטווד הלכה לעולמה בגיל 81

URL: https://fashion.walla.co.il/item/3548781
Title: הפקת אופנה: 4 שלבים בחגיגות ליל הסילבסטר

URL: https://fashion.walla.co.il/item/3548798
Title: מחפשות לוק סילבסטר לוהט? בלוגרית האופנה שתספק לכן השראה מטורפת

URL: https://www.sheee.co.il/item/3548093
Title: בן אביבי: "לא הבנתי עד כמה הציפיות שלהם כואבות לי באותו רגע"

URL: https://www.sheee.co.il/item/3548136
Title: מיזנתרופית, קודרת, דכאונית: השיק האפל של וונסדיי הוא הסקסי החדש

URL: https://finance.walla.co.il/item/3547158
Title: קמצנים או לארג'ים: כמה הישראלים משלמים על טבעת אירוסין?

URL: https://nadlan.walla.co.il/item/3548917
Title: השוק תקוע? עסקאות הנדל"ן של השבוע

URL: https://nadlan.walla.co.il/item/3548898
Title: שכונת העתיד תצא לדרך: הקרקע בהרצליה שוחררה, יש זוכה במכרז הענק

URL: https://nadlan.walla.co.il/item/3548590
Title: תוך 3 חודשים: ירידה של כ-20% במחירי הקרקעות של מכרזי רמ"י בחיפה

URL: https://nadlan.walla.co.il/item/3548777
Title: הבשורה - דירות במרכז החל ממיליון שקל; הקאטץ' - רק בעוד 5 שנים

URL: https://mekomi.walla.co.il/item/3548759
Title: רוצים לעשות Airbnb בביתו של הסופר שלום אש בבת ים?

URL: https://mekomi.walla.co.il/item/3548293
Title: "חוק הזוי. לא נשתף פעולה": 3500 שח מבעלי כלבים וחתולים

URL: https://mekomi.walla.co.il/item/3548541
Title: מחסלים את החיידקים בבתי הספר בישראל

URL: https://mekomi.walla.co.il/item/3548165
Title: כך ייאבקו ברעננה ברעש המטוסים משדה התעופה בהרצליה

URL: https://food.walla.co.il/item/3543666
Title: בשיתוף טיב טעם, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.3 מתכונים חגיגיים לסוף השנה שגם אתם יכולים להכין בביתבשיתוף טיב טעם

URL: https://finance.walla.co.il/item/3544057
Title: בשיתוף טיב טעם, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.5 רשתות בעולם שחוגגות את סוף השנה קצת אחרתבשיתוף טיב טעם

URL: https://finance.walla.co.il/item/3543725
Title: בשיתוף טיב טעם, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.חוויית קנייה בניחוח בינ"ל: הדרך הנכונה לחגוג את סוף השנהבשיתוף טיב טעם

URL: https://finance.walla.co.il/item/3547489
Title: בשיתוף טיב טעם, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית."מרגיש כמו חו"ל": מצאנו את המקום הכי חגיגי בישראלבשיתוף טיב טעם

URL: https://cars.walla.co.il/item/3548866
Title: קיה EV6: סוללה של הבטחות

URL: https://cars.walla.co.il/item/3548824
Title: שתיתם? לא תוכלו לרכב על אופנוע, קורקינט ואופניים חשמליים

URL: https://cars.walla.co.il/item/3548540
Title: מרב מיכאלי משאירה את תושבי השרון עם חברת האוטובוסים המאכזבת

URL: https://tech.walla.co.il/item/3548938
Title: אילון מאסק שיגר לחלל לוויין ריגול ישראלי פרטי מתקדם

URL: https://tech.walla.co.il/item/3548790
Title: "השלכות מסוכנות": יבואנית סמסונג במהלך נגד שוק הסוללות המזויפות

URL: https://tech.walla.co.il/item/3548755
Title: ציוד עם מידע ביומטרי של אלפי חיילים נמכר ב-eBay

URL: https://tech.walla.co.il/item/3548761
Title: בלי אירוע משמעותי, עם סכנות שמצטברות: סיכום השנה בסייבר

URL: https://nadlan.walla.co.il/item/3546711
Title: בשיתוף קבוצת עמרם את נידם, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.היסטוריה בטירת כרמל: פרויקט התחדשות עירונית ראשון יצא לדרךבשיתוף קבוצת עמרם את נידם

URL: https://madaney.walla.co.il/item/3545873
Title: בשיתוף מדעני העתיד, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית."מושכים את כולם כלפי מעלה": הכירו את מדעני העתיד של ישראלבשיתוף מדעני העתיד

URL: https://healthy.walla.co.il/item/3538430
Title: בשיתוף גואון, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.1 מכל 4 גברים מתחת לגיל 40 לא נהנה במיטה. למזלם, כיום יש פתרון פשוטבשיתוף גואון

URL: https://b.walla.co.il/item/3548655
Title: תומך בסגירת התאגיד והפרטת גל"צ: שלמה קרעי ימונה לשר התקשורת

URL: https://b.walla.co.il/item/3548574
Title: הפעם האקטיביזם החברתי של המגזר העסקי פה כדי להישאר

URL: https://marketing.walla.co.il/item/3548601
Title: עוקבים אחרי העובדים? אתם מסכנים את העסק

URL: https://marketing.walla.co.il/item/3548264
Title: מגיימינג ועד קריפטו: הטכנולוגיות שמתו ב-2022

URL: https://marketing.walla.co.il/item/3547984
Title: מטבעות דיגיטליים מעצבים מחדש את הכלכלה

URL: https://home.walla.co.il/item/3548079
Title: התעלפתם עליהם: הבתים הכי יפים שראינו השנה

URL: https://home.walla.co.il/item/3548320
Title: קסם זר, בנאדם: דירה צבעונית ומעלפת בלב אמסטרדם

URL: https://gaming.walla.co.il/item/3548843
Title: מונופולים, GTA 6 ושחקן חדש בשוק הקונסולות: השנה שהייתה

URL: https://gaming.walla.co.il/item/3548783
Title: PS PLUS: המשחקים החינמיים לשנה החדשה נחשפו

URL: https://gaming.walla.co.il/item/3548592
Title: מיקרוסופט טוענת שסוני מונעת ממשחקים להגיע לאקס בוקס

URL: https://mazaltov.walla.co.il/article/archive/8211/#utm_source=walla_news&utm_campaign=merkaz
Title: נסיה מציגים: קונספט האירועים החדש ששם הכל על השולחן

URL: https://mazaltov.walla.co.il/article/event-place/8210/?utm_source=walla_news&utm_campaign=merkaz
Title: עם איתמר בן גביר כאורח הכבוד: קובי פרץ חוגג לבנו

URL: https://mazaltov.walla.co.il/article/catalog-2023/8239/?fbclid=IwAR2x5jOxJEXJfRXFn4w4jW_l9vT2jKLXt86sI-r3F9WaZVOGBTmAhL3QdZA#utm_source=walla_news&utm_campaign=merkaz
Title: מצאנו את הטבות ה-NEW YEAR הכי שוות לשמלות כלה

URL: https://vod.walla.co.il/episode/3433057
Title: קיבוצניקים

URL: https://vod.walla.co.il/movie/2594114
Title: המסע הגדול

URL: https://vod.walla.co.il/tvshow/1875641
Title: מלכת השוק

URL: https://viva.walla.co.il/tvshow/3246926
Title: חלומות בהקיץ

URL: https://tech.walla.co.il/item/3546843
Title: "כוכב הגיהנום": אוקיינוסים של לבה ושנה שנמשכת 18 שעות

URL: https://tech.walla.co.il/item/3546488
Title: העתידן של נאס"א: כלכלת החלל עומדת להתפוצץ

URL: https://healthy.walla.co.il/item/2893794
Title: סערת התמונה של אדל בספלוב: עד איזה גיל להתקלח עם הילדים?

URL: https://healthy.walla.co.il/item/3546231
Title: בשיתוף JAMA, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.אחת ולתמיד: כל מה שצריך לארוז בתיק לקראת הלידהבשיתוף JAMA

URL: https://horoscope.walla.co.il/item/3548542
Title: הורוסקופ לשנת 2023 לפי חלוקה למזלות

URL: https://horoscope.walla.co.il/item/3547305
Title: האיש שחזה את גורל הארי ומייגן במסר מדאיג לישראל

URL: https://horoscope.walla.co.il/item/3548184
Title: קלפי הטארוט קובעים: כך תצאו לדייט בשנת 2023

URL: https://judaism.walla.co.il/item/3548758
Title: מוגש מטעם שובה ישראל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.כולם הופתעו: הרב פינטו דיבר עברית עם הבכיר האוסטרימוגש מטעם שובה ישראל

URL: https://judaism.walla.co.il/item/3548757
Title: מוגש מטעם שובה ישראל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.צפו: התפרץ בבכי בעיצומו של המפגש הדרמטימוגש מטעם שובה ישראל

URL: https://judaism.walla.co.il/item/3548582
Title: מוגש מטעם שובה ישראל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הצצה לכלא העתיק בעולם: נרות חנוכה מאחורי סורג ובריחמוגש מטעם שובה ישראל

URL: https://law.walla.co.il/item/3546063
Title: בשיתוף zap משפטי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.איך נכון לקחת משכנתא בזמני עליית הריבית?בשיתוף zap משפטי

URL: https://law.walla.co.il/item/3546064
Title: בשיתוף zap משפטי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מהו תרגום נוטריוני ולשם מה צריך אותו?בשיתוף zap משפטי

URL: https://law.walla.co.il/item/3546346
Title: בשיתוף zap משפטי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.שחרור ממעצר: מדוע כדאי לפנות לעורך דין?בשיתוף zap משפטי

URL: https://career.walla.co.il/item/3528831
Title: בשיתוף Manpower, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.עד כמה היציבות התעסוקתית משחקת תפקיד בשוק העבודה?בשיתוף Manpower

URL: https://career.walla.co.il/item/3536808
Title: בשיתוף ManpowerGroup, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.כל הפרטים על אחת הדרכים היעילות לחיפוש עבודהבשיתוף ManpowerGroup

URL: https://career.walla.co.il/item/3528833
Title: בשיתוף Manpower, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מתי צריך לשנמך את קורות החיים וכיצד לעשות את זה?בשיתוף Manpower

URL: https://tld.walla.co.il/item/3548810
Title: מוגש מטעם weshow, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בשר בירושה: חוגגים 50 לאטליז הכי מוכר בגלילמוגש מטעם weshow

URL: https://tld.walla.co.il/item/3548637
Title: מוגש מטעם weshow, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הוונדר וומן של עולם הביוטי: שיר נקש מובילת מהפכת הגבותמוגש מטעם weshow

URL: https://tld.walla.co.il/item/3548559
Title: מוגש מטעם weshow, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.התבלבלתם יותר מידי מהרדיפה והצעות המחיר של חברות התקשורת? זה בשבילכםמוגש מטעם weshow

URL: http://www.enaim.co.il/
Title: הסרת משקפיים

URL: https://www.b144.co.il/%D7%A4%D7%A8%D7%97%D7%99%D7%9D/%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%99%D7%A4%D7%95/?&sitecode=10&subsitecode=1400&site=walla&d=1
Title: כל חנויות הפרחים

URL: https://www.b144.co.il/%D7%97%D7%A9%D7%9E%D7%9C%D7%90%D7%99%D7%9D/%D7%97%D7%A9%D7%9E%D7%9C%D7%90%D7%99%D7%9D-24-%D7%A9%D7%A2%D7%95%D7%AA/%D7%90%D7%96%D7%95%D7%A8-%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%95%D7%94%D7%9E%D7%A8%D7%9B%D7%96/?&sitecode=10&subsitecode=1402&site=walla&d=1
Title: חשמלאים

URL: https://www.kamaze.co.il/
Title: השוואת מחירים

URL: https://www.b144.co.il/%D7%A0%D7%93%D7%9C%D7%9F/%D7%AA%D7%99%D7%95%D7%95%D7%9A/%D7%90%D7%96%D7%95%D7%A8-%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%95%D7%94%D7%9E%D7%A8%D7%9B%D7%96/?&sitecode=10&subsitecode=1403&site=walla&d=1
Title: תיווך

URL: https://www.sugat.com/all-recipes/
Title: מתכונים מנצחים

URL: http://m.onelink.me/b3fbc033
Title: חדשות בזמן אמת

URL: http://pricelist.yad2.co.il/
Title: מחירון רכב

URL: http://www.yad2.co.il/Nadlan/sales.php
Title: דירות למכירה

URL: http://www.yad2.co.il/Nadlan/rent.php
Title: דירות להשכרה

URL: https://yoram.walla.co.il/mivdak?utm_source=wallacampaign
Title: המבדק של יורם

URL: http://www.oref.org.il/11093-he/Pakar.aspx
Title: פיקוד העורף

URL: https://news.walla.co.il/category/1
Title: חדשות בארץ

URL: https://www.maariv.co.il/jewishism/shabat-times
Title: כניסת שבת

URL: https://bama.bio/b2b
Title: הבמה שלך באינטרנט

URL: https://www.hamal.co.il/
Title: חמ"ל

ec2-35-158-173-74.eu-central-1.compute.amazonaws.com

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.walla.co.il/ HTTP 301
https://www.walla.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9869.VtbY8pnlcSMisqAmEgngTgCATidh1mcwDanEV0zVGq3ub74P0mi_Ag-_XXbIJQDM.QvOWegSncH_z_AZ0Soro18sTUKM%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9869.By8klIMXXUGuc28sVbD1XmswMoas9lBKoiwy8QyqwsKPytf99QVvpqM_ZzYNvIy82AQAqhXeQ_YfezsIYqRK5TiG74JXe3hwrMUHw7NCLBE%2C.RnDrIAL-yYTWs24p7anPAUac9AU%2C

Request Chain 96

https://mc.yandex.co.il/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.co.il&token=9869.ZERWQ12-ms3frFOD9ZUgC_0QhN_joySZ4ck6kkejXxWo3JXsejpinGnffVPk0W_5.k8FFqPXtcDIqKr9hYDgi5JsUhwY%2C HTTP 302
https://mc.yandex.co.il/sync_cookie_image_decide?token=9869.paMZ_BkgdTtvl3NOrrwWfSd0u4nL7Dwl-ww91vV1RrlApaib3jtPk9Hv4G2inUTR4z8wYHRyEo7HoiDY7mCN3S8JteOCQZ7sODnYFlFKciE%2C.fc3sJMrLs7B3ISmknNvQ3VzL1NQ%2C

Request Chain 104

https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=a0e6259b-cc9b-43de-8a0a-18c200cd7064&adnxsUserId=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3Da0e6259b-cc9b-43de-8a0a-18c200cd7064%26adnxsUserId%3D%24UID HTTP 302
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=a0e6259b-cc9b-43de-8a0a-18c200cd7064&adnxsUserId=6142884088923626129

Request Chain 164

https://mc.yandex.com/watch/91804681?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A321%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A249590984476%3Ahid%3A1062254245%3Az%3A0%3Ai%3A20221231092127%3Aet%3A1672478488%3Ac%3A1%3Arn%3A336045894%3Arqn%3A1%3Au%3A1672478488852330163%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C22%2C18%2C22%2C31%2C0%2C%2C329%2C0%2C%2C%2C%2C423%3Aco%3A0%3Acpf%3A1%3Ans%3A1672478486811%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672478489%3At%3A%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/91804681/1?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A321%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A249590984476%3Ahid%3A1062254245%3Az%3A0%3Ai%3A20221231092127%3Aet%3A1672478488%3Ac%3A1%3Arn%3A336045894%3Arqn%3A1%3Au%3A1672478488852330163%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C22%2C18%2C22%2C31%2C0%2C%2C329%2C0%2C%2C%2C%2C423%3Aco%3A0%3Acpf%3A1%3Ans%3A1672478486811%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672478489%3At%3A%D7%95%D7%95%D7%90%D7%9C%D7%94%21%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 167

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9869.eeK0sOc_XRJnXDZqwBEclPOAktTj5ITKhIQyAcgcqzlR8u899xIGsgBRwepsr78z.xnKxP-ZKYtOkEV9fhnM7oW9k5h8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9869.SLRrHowRDzz71lJ0Cih1fI8dD95HEqAl3sFXK8Ql2KUuMofg5X1-wjyWCyXasZGvRLlvEnnIB5wW9XzJKz4Z9wmouq_yYp0vbJudOlM-1M8%2C.D_AZou9pEAgHWx9KiJ7HQ5WIVR4%2C

Request Chain 168

https://mc.yandex.co.il/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.co.il&token=9869.IRrglyGDRAGgtOuOzR9mRCUa8M14dswKo3Q8Ow_FdPocrHUBV69RLJVEICHWkFyU.mIk-yN3k6wBf_OJDv97c0kQmI8w%2C HTTP 302
https://mc.yandex.co.il/sync_cookie_image_decide_secondary?token=9869.KsU6v8M3_JssKwoOu5sseQCnomZ0JCSD3iS2DEoUYttdRTbFZ5ORu8VdonamE7Lj6-mx4DkVtvHYISZBEJd5w7IQ7Q7y6HS-ZkUGHzLlXmo%2C.lB1l9c9CwuFmkqzPRvN4qH8eKXs%2C

Request Chain 198

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstzeXgsi3bGc-n6K4-Le3xONIlxDNsqoxQFZhhc12WWsVsAPM96gz26i3wyx1pjRVHs2z7dBGWTKG-ihYY5vT6SG8zDoUZb-FtTQNWRok1VhZ0fmcZOEDI1kq0qFTt-uMxw1XduR787QFqJc3DIGg1OQhsvK3On2coceNdwEA44gP10TOumohzIW79TIxNIT_4AZnGAvV4oTHGMkzeHaPfQI3p_21VWXsZ68CAhAsbeonD7thQoPNL76LFVfb55spG-5_XnilP-_vBghfAvAiFin1BNQNlzM4eYU4ZI52S8oxYO7Q3yMPtBIRi3R2MhiBrluSMWT0T-CO9oDlQ%26sai%3DAMfl-YSbiu1_V_MX8fns4dtWKObMcjiwePzN1BMa-n3Hb27S5t4C1-91mzD-hfzyyXfUfuyTTbXbGXQki7R7EaMsVEt-tOLmqWC_EvJORfF4BJlddBqO_FDDnFzF6ujg-aLUKg%26sig%3DCg0ArKJSzKx7GULdDnIgEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
https://tpc.googlesyndication.com/simgad/3664297453309006094

Request Chain 200

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvbuwUjTHreCBkJnVsF2sHlcbPByhf6T87g9v8llLonKhdd-LDcgHeDR1xrz7NBwtFT8j2oGcdpmMqyv2rDVyqvPrd6P5NSifpOKzqDbED0CZqsI7U7JeJRMnP7Lh-B6CfDtIg2AADBQge1f6ZTnm4TE6w72-To8O_NSR9trDN9DDhnHL3zY6IUAYjEJZQulVRBEPTt0KaOtC-5DGCPUt3-zUnVg3VxUcIylEaaYXKB0GxHH4uA6rAbQaTNFeTjNPXnydWroFFIjs_W82mdtCcbjaDJ5kM5jPkFlC4iK2uIiR1QGC_2pm0BBcN7LRCTbgo1rG952wMJX-JCsEA%26sai%3DAMfl-YSWZflDJjCz4c4tt_uUjULshlKGtjbd6HK4AC-6tbxwofRJbGHvMcTHI5gMb6SkvLqT2EULPIAVyal_FM8bVAbpx6mUA4MHtIKqz9SHRuk9ABhPKUua0KQNmU7ngF5rIg%26sig%3DCg0ArKJSzF_uJRpT2_XjEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
https://tpc.googlesyndication.com/simgad/3664297453309006094

Request Chain 202

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjst8UVmZ00jfDaZZCgshPGx7eEpCocPvDzTHBT7uX5buTVLSQLrQj3OBwlScP8eN4OUeN8Iy2dahiNHQyRlR5pefKJDkeHSAwEhopsyP4vqOzx1rntWg1XLAtaPJxd3fCi2iFEMYf7xJV8-DvrqUeUhf9pZQNcFi_rfEpqcfBLbQXBSOZ562aeFXmXGWygMuvrUSlsoMFNFMG7A9guz5nTI0Bm_l_TsIsiZyIhTleoLd87YLXRov2SwdLAMZbuZrk-47I7smEV53gQTrLE9jEIFmgHyvzw6--RqUufQUPu3n_7jmF3_LqxunXc5Xc0-RPxP2XO26cq65_pMJqX8%26sai%3DAMfl-YQgwWRqoyyn7-K47uCrMsaRfA3xboMYwfrFI73aFFKmTtxOdKTUP3Wa_jF4bgkmkYIKiBG1W9E7pLqSicGWDg8sDmNUVCj479flAZEgGht27Ww0gbztcWjyH2w99Gbn0g%26sig%3DCg0ArKJSzP-SoUYGdkkhEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
https://tpc.googlesyndication.com/simgad/3664297453309006094

Request Chain 204

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvqK_VYp9KXthHHwsLHQi0wGshL_9IyU0g8VvuVboylX5gpOrImdgOgzizM6J_BeSQp5hN6nbFafxvzzt1DWRBz9gUi0uhE_MXyAe7pe9dRWugGY5yImjjjXXrzrlUQC2FmNxAzdCUxK0FOGE_IhbGQXTRhUS1km_hLcQVmsvauo1NIEjnoOo54-z5IqKSrBX9lIl26ACAEQA-lG4fFhFybxkEcAs_WfeFy_bCnXOpjBsD0z4DQqn7cO5AMPWowDx3p4s47dM3HoUFxULZSKzrnzaY3mI-OwqgRtUmwITLayYlo719oNZlzDEAzh1s6C6cvn6whnM5EypF1GIzx%26sai%3DAMfl-YTuSyYyzoIslDa7cwknaeEl3S_U3vnEmnRPXaoufMSc4wmlCCq7ys8oJuVpJ0PvkLNADgXdoK3ckwe57cyjMioinjJM1qDWbP4IOtPtgXnl7v0UOzPm0kIlXquAgU_8vw%26sig%3DCg0ArKJSzDGHXoetb2TMEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
https://tpc.googlesyndication.com/simgad/3664297453309006094

Request Chain 212

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoDf9C0sYFg9_qI5o22JUU&google_cver=1

Request Chain 213

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6--GX4k0RL85DpHIYUDBgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoDf9C0sYFg9_qI5o22JUU&google_cver=1

Request Chain 214

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKwtco2V9QVF5lEZ2uUFTuk&google_cver=1

Request Chain 215

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D

Request Chain 227

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAWeuTem0gSDTumcaxvsVA4&google_cver=1&google_push=AavPq0OEpHDogAITlKi-Pbd6JEvW1jJsSp4mQ-vZcoBdMuyDGQvA_AFI5_PesWGyGLFlhVLrpjpQFQ-8jE8SUZLU2tvYOkLcSzHeBlMHv0NX6B0tArTJPwsNXUF2K4c7hKFkqE9DE2nnxKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjcwODA0MzEzMzIxODU4MDc1Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOw1FjtaC3UOM6ufysdi8Kg&google_cver=1

Request Chain 228

https://a.tribalfusion.com/i.match?p=b6&u=CAESELKiBcQ7aKttvLApdYGbTno&google_cver=1&google_push=AavPq0OXGhcZaT941qpE9eNdtDOYDpHNALnxoFvuOf4lOjOMMgPgcyKXGYZc-DdZn3-zHPc8DBbRKOR_R7B_wiiqxB3xkvZjUp1B3NRH7JEuAA9OedSCkZllFa7_hBLf-nvnaE6DYMUf9w4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OXGhcZaT941qpE9eNdtDOYDpHNALnxoFvuOf4lOjOMMgPgcyKXGYZc-DdZn3-zHPc8DBbRKOR_R7B_wiiqxB3xkvZjUp1B3NRH7JEuAA9OedSCkZllFa7_hBLf-nvnaE6DYMUf9w4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELKiBcQ7aKttvLApdYGbTno&google_cver=1&google_push=AavPq0OXGhcZaT941qpE9eNdtDOYDpHNALnxoFvuOf4lOjOMMgPgcyKXGYZc-DdZn3-zHPc8DBbRKOR_R7B_wiiqxB3xkvZjUp1B3NRH7JEuAA9OedSCkZllFa7_hBLf-nvnaE6DYMUf9w4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OXGhcZaT941qpE9eNdtDOYDpHNALnxoFvuOf4lOjOMMgPgcyKXGYZc-DdZn3-zHPc8DBbRKOR_R7B_wiiqxB3xkvZjUp1B3NRH7JEuAA9OedSCkZllFa7_hBLf-nvnaE6DYMUf9w4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 229

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEP3nBiCxq76NvXDF7jtEehU&google_cver=1&google_push=AavPq0N-xEmGWOeucfequuH5vXVqHcVFkw6Aku_T1kW_Tsvm2rjvD0d297UCDoxdMsK_FvodNJ4tF1nXwZb6GKlsowczkhkViJZpVTXZ2ToJZSuVspq55NoChg3Sv_dQyNB6n4djUkn7eu4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP3nBiCxq76NvXDF7jtEehU&google_push=AavPq0N-xEmGWOeucfequuH5vXVqHcVFkw6Aku_T1kW_Tsvm2rjvD0d297UCDoxdMsK_FvodNJ4tF1nXwZb6GKlsowczkhkViJZpVTXZ2ToJZSuVspq55NoChg3Sv_dQyNB6n4djUkn7eu4

Request Chain 230

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHdgrhVOTlR12PRqNT5JIRw&google_cver=1&google_push=AavPq0NoUEhTkGVzgT-d3Bc0t-ktZV6PIllmkxWGvVwzdp1zmhzEIPDWOLR3_DauK5HFEcxeprCJkAHxh-vnl8EczBnYBpKEtoI5DBiw8X25CvRZvaMKOWlx07GXogxqF6tD4-4CiKyUAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NoUEhTkGVzgT-d3Bc0t-ktZV6PIllmkxWGvVwzdp1zmhzEIPDWOLR3_DauK5HFEcxeprCJkAHxh-vnl8EczBnYBpKEtoI5DBiw8X25CvRZvaMKOWlx07GXogxqF6tD4-4CiKyUAA&google_hm=eS1zN1NOTlVGRTJwSHlIOXZoblpzY1JpM2pOMmdCdndsVn5B

Request Chain 231

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHOV_y6wakBZm4zSogVorL8&google_cver=1&google_push=AavPq0Mujq8dijiPTsErI8Hk2CbwvO81jk4QM9VtwcC1n2GkR5CUiDmIpBbXFUi0WdJvdbGqJjPM9yxJOCrKP0JSA4c_0FSfq66GbMj6oeSVKaIqPdKX2bWiT2dP1-CiKXV3yddnjcsD-w HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHOV_y6wakBZm4zSogVorL8&google_cver=1&google_push=AavPq0Mujq8dijiPTsErI8Hk2CbwvO81jk4QM9VtwcC1n2GkR5CUiDmIpBbXFUi0WdJvdbGqJjPM9yxJOCrKP0JSA4c_0FSfq66GbMj6oeSVKaIqPdKX2bWiT2dP1-CiKXV3yddnjcsD-w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE3NzMyMjIyMjU1NTkxNDY1NA&google_push=AavPq0Mujq8dijiPTsErI8Hk2CbwvO81jk4QM9VtwcC1n2GkR5CUiDmIpBbXFUi0WdJvdbGqJjPM9yxJOCrKP0JSA4c_0FSfq66GbMj6oeSVKaIqPdKX2bWiT2dP1-CiKXV3yddnjcsD-w

Request Chain 232

https://match.360yield.com/match/ebda?google_gid=CAESEGkAWjIwaBkqFsFEOF7opvo&google_cver=1&google_push=AavPq0M_SZYacxTEU6QjrS2heL-aeJ9rskpnV-Ls75xSCLfWIWzD8r2LuSstECuCZBd_oEdqGuxhYVyXuE6qypkG-nlIux3doOFClkyMFIa6dOy2WoseMGh6rSvwiHfdr-jOrzRiQ2gc0Q8 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGkAWjIwaBkqFsFEOF7opvo&google_cver=1&google_push=AavPq0M_SZYacxTEU6QjrS2heL-aeJ9rskpnV-Ls75xSCLfWIWzD8r2LuSstECuCZBd_oEdqGuxhYVyXuE6qypkG-nlIux3doOFClkyMFIa6dOy2WoseMGh6rSvwiHfdr-jOrzRiQ2gc0Q8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=_EJ-mpXKSgCEdbD7OpErmQ&google_push=AavPq0M_SZYacxTEU6QjrS2heL-aeJ9rskpnV-Ls75xSCLfWIWzD8r2LuSstECuCZBd_oEdqGuxhYVyXuE6qypkG-nlIux3doOFClkyMFIa6dOy2WoseMGh6rSvwiHfdr-jOrzRiQ2gc0Q8

Request Chain 233

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEINppgz9AdrAd3p5UEGxPO4&google_cver=1&google_push=AavPq0PXRn540y6I7QsHXtM7HxAMFuzLk5mwLIWF3K_4ix0CBswMs6VfZUHErjJi9HaLO-xT32rmyEIcJ0KCKp2hK50Ht-g2BN7TVaYsBZTZkNZWR242RLPkymopbZk8LZ1GqskMPdJQoJc HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEINppgz9AdrAd3p5UEGxPO4&google_cver=1&google_push=AavPq0PXRn540y6I7QsHXtM7HxAMFuzLk5mwLIWF3K_4ix0CBswMs6VfZUHErjJi9HaLO-xT32rmyEIcJ0KCKp2hK50Ht-g2BN7TVaYsBZTZkNZWR242RLPkymopbZk8LZ1GqskMPdJQoJc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0f105afb-2092-42b4-a326-8c182e7c26d7&%%GOOGLE_PUSH_PAIR%%

Request Chain 258

https://gcdn.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/4B69049688E4003122C135632A4CB3D76DE76066.51C337EF27BC065E67B4EB8743C183ED76ACD1A3/key/ck2/file/file.mp4?cpn=R7lknflbYZG_HAZJ HTTP 302
https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6B47EFBA9FCEF920E3783AE78EA1744651658826.52E81623F810BB567F922A8A883824B76F3111EA/key/cms1/cms_redirect/yes/mh/FW/mip/2a01:4a0:2b::7/mm/42/mn/sn-4g5ednds/ms/onc/mt/1672478119/mv/u/mvi/4/pl/43?cpn=R7lknflbYZG_HAZJ&file=file.mp4

Request Chain 315

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAWeuTem0gSDTumcaxvsVA4&google_cver=1&google_push=AavPq0P5jtCcEa58sx8OR89cq4_aYikO63o472dX9Sc2xa2wIAKWeOrXmVXxWYhfmVfsb1nPOJ6Xq6lKauGKR5I7m9YhVjv7-_LD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjcwODA0MzEzMzIxODU4MDc1Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOw1FjtaC3UOM6ufysdi8Kg&google_cver=1

Request Chain 316

https://um.simpli.fi/gp_match?google_gid=CAESEA9JskbDPSbG7i-D-7nse2s&google_cver=1&google_push=AavPq0NWBkUp4sXE5fux0MlUW3HRuPqpxawuDq3eqkkvoVJqKNqfqFexuSmAdwCJtGmZp2sl7-xUk-GJScT7L6mue7oCNi4LTF4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E7A2B62F53D146028BC9E6C1F559061C&google_push=AavPq0NWBkUp4sXE5fux0MlUW3HRuPqpxawuDq3eqkkvoVJqKNqfqFexuSmAdwCJtGmZp2sl7-xUk-GJScT7L6mue7oCNi4LTF4

Request Chain 318

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESED3knne6YluPHHPPb7ZbXrU&google_cver=1&google_push=AavPq0N-OdqNQNBmoyzGUTqQFhe4yONQsNDS-CrHmJT9_RZcCst4EWPUh_qLA4tLeWe4idKQMoaZELxxo86-XyQilcZOuUn0CcIN HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f77c74e6-1d71-4f99-9882-c848f64a9683&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0N-OdqNQNBmoyzGUTqQFhe4yONQsNDS-CrHmJT9_RZcCst4EWPUh_qLA4tLeWe4idKQMoaZELxxo86-XyQilcZOuUn0CcIN&google_hm=DxBa-yCSQrSjJowYLnwm1w==

Request Chain 319

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHOV_y6wakBZm4zSogVorL8&google_cver=1&google_push=AavPq0OuDTCIIRSzLw4A_7VQHmf5xajB4o8mJy2nyCQ7PR51ZJYnLCrvpQhMajGKoiPHYwvg4du5QUsFhHpA7FR8AAy1vymSaMqW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE3NzMyMjIyMjU1NTkxNDY1NA&google_push=AavPq0OuDTCIIRSzLw4A_7VQHmf5xajB4o8mJy2nyCQ7PR51ZJYnLCrvpQhMajGKoiPHYwvg4du5QUsFhHpA7FR8AAy1vymSaMqW

Request Chain 321

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEC5FKZut4iTpSV4HWLC_J0I&google_cver=1&google_push=AavPq0PMbUoXKmrvYK9orzoltrsNYge4Xj95rGDCI1j9FfA7R2S5qq-iTNXl-tks-u8MzItgDsoK9cIL8WmuB4ig-CqKjw2CL7_5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HcmZHZ0JwRTJ1Ry50X3JXZ09taEl2Sld6bGRvUkJuX35B&google_push=AavPq0PMbUoXKmrvYK9orzoltrsNYge4Xj95rGDCI1j9FfA7R2S5qq-iTNXl-tks-u8MzItgDsoK9cIL8WmuB4ig-CqKjw2CL7_5

Request Chain 325

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFN3SBMHXy1Go1cRphCLJsY&google_cver=1

Request Chain 326

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6--GX4k0RL85DpHIYUDBgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFN3SBMHXy1Go1cRphCLJsY&google_cver=1

Request Chain 327

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAZa-qeTP2hos7FLc15OPH0&google_cver=1

Request Chain 328

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D

Request Chain 329

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFN3SBMHXy1Go1cRphCLJsY&google_cver=1

Request Chain 330

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6--GX4k0RL85DpHIYUDBgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFN3SBMHXy1Go1cRphCLJsY&google_cver=1

Request Chain 331

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAZa-qeTP2hos7FLc15OPH0&google_cver=1

Request Chain 332

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D

Request Chain 348

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAJrXva75wy8swWaM0wPe4Q&google_cver=1&google_push=AavPq0MX-TFK2i6yyFWWCkAPsH1HBV_wLyMpHIOmXbfIxT7oONh9WsG41pRUMWXmxqEOFGuEio4wTwYWWnY71zMVIB6YUdgUHTyFZL_Zo3XF1aN8FcX4-OaBnmIrI_i5RrU6gCuXfrG-0w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0MX-TFK2i6yyFWWCkAPsH1HBV_wLyMpHIOmXbfIxT7oONh9WsG41pRUMWXmxqEOFGuEio4wTwYWWnY71zMVIB6YUdgUHTyFZL_Zo3XF1aN8FcX4-OaBnmIrI_i5RrU6gCuXfrG-0w

Request Chain 351

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIeGQOWlSw6Z9_zuy7aRm9M&google_cver=1&google_push=AavPq0Ny4UMKISlSA91qj_TvZuJjnlk3b-Ml_audIsSYDNXzKXVlQJaScCQFrnkDHaExZA2_zDlt7xULS-FlWNBiouz8HBS_yrqHwmLt4Hmg-UBMB-xAt8PtFtIyvfoANUDFou56QJzUUYI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENCUUlDWEQtMVgtNkNWNA==&google_push=AavPq0Ny4UMKISlSA91qj_TvZuJjnlk3b-Ml_audIsSYDNXzKXVlQJaScCQFrnkDHaExZA2_zDlt7xULS-FlWNBiouz8HBS_yrqHwmLt4Hmg-UBMB-xAt8PtFtIyvfoANUDFou56QJzUUYI

Request Chain 352

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHYjSO45xBN5RAw0A6CvVqA&google_cver=1&google_push=AavPq0O4xOJ6XJcuHxvLXj4XCREApTMmZouQEh6tifRdtoJUlOQkGzTNmhtP-oEgCqtRiZE6yOW1kHbBnnYloDjtgHASI03XLTLyLY__aKKfoB-H53H8hLgz_KcEClqAeQd9qtnXR7CsS5Bd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HcmZHZ0JwRTJ1Ry50X3JXZ09taEl2Sld6bGRvUkJuX35B&google_push=AavPq0O4xOJ6XJcuHxvLXj4XCREApTMmZouQEh6tifRdtoJUlOQkGzTNmhtP-oEgCqtRiZE6yOW1kHbBnnYloDjtgHASI03XLTLyLY__aKKfoB-H53H8hLgz_KcEClqAeQd9qtnXR7CsS5Bd

Request Chain 353

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0MBV2H5Q5dS5lq427iQVpkRriqF4JO6ZRdQ5stfRtTY7f-ho9P-6PM3apjyjCR4IxtiKlA1rXPMupT9PBFaK5JVRzbqi1mrZcid2_lzFVX00tWjd9USTow1-Lky5mxymgD9DtWMZ2l2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0MBV2H5Q5dS5lq427iQVpkRriqF4JO6ZRdQ5stfRtTY7f-ho9P-6PM3apjyjCR4IxtiKlA1rXPMupT9PBFaK5JVRzbqi1mrZcid2_lzFVX00tWjd9USTow1-Lky5mxymgD9DtWMZ2l2

Request Chain 373

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/63efe3b826707541f628dadb689854fb?gdpr_consent=&gdpr=0

Request Chain 376

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 407

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/7ctc1kcITs0Fu8pB9fMY?pi=smilewanted&tc=1

Request Chain 408

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_Gf-vY4HXLqa99u8PgOunsA0&cbFunctionName=goog_wrapCb_Gf-vY4HXLqa99u8PgOunsA0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.walla.co.il&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:db0458b7-4be3-4dc2-9a1b-090ece622c21,c:ymEG28,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-j8shg,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:trAhiNT+111%7C112%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C161%7C162%7C17%7C18%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d*.990511-61634100%7C1d1%7C1d2%7C1d3%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j,idMap:1d*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:23,oid:82774fb2-88ec-11ed-a1c4-8a4543b2a4f5,v:19.8.377,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 410

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=24d5d2111c0b9b698ba36841a7691e64

Request Chain 412

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_Gf-vY8jELt2w3gPykpkI&cbFunctionName=goog_wrapCb_Gf-vY8jELt2w3gPykpkI&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.walla.co.il&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:ce28b9cf-602a-859f-7d24-b3896159f8f4,c:ymEG3A,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5bd77c4f97-rghpz,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:6,mot:0,app:0,maw:0,fm:trAhiPk+111%7C112%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C161%7C162%7C17%7C18%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.990511-61634100%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:25,oid:8277ec6a-88ec-11ed-b16a-5a689124d581,v:19.8.377,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 416

https://um.simpli.fi/gp_match?google_gid=CAESELzL2L28q4812vpLh-UIzGU&google_cver=1&google_push=AavPq0NWuK9OKUq1Pq9ipvjrrB8z4oLUFGugSaWjrkuQGC6cliZBQeiXwViOsV0ifrZ9avL5Cj9lzNsHcHBJnkPLpUMySGrftidQ6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E7A2B62F53D146028BC9E6C1F559061C&google_push=AavPq0NWuK9OKUq1Pq9ipvjrrB8z4oLUFGugSaWjrkuQGC6cliZBQeiXwViOsV0ifrZ9avL5Cj9lzNsHcHBJnkPLpUMySGrftidQ6A

Request Chain 417

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMwvA-jOx95tAFV1RvGMyq4&google_cver=1&google_push=AavPq0Ns_E02VU54JacsnwgAeIWM2UXpHGDm4xtrSNKLTlpeaT1NX9l27c1C6nEnR7aemHOtjWK5FoZGHTj9fSS2H1mhAruXTvyrmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Ns_E02VU54JacsnwgAeIWM2UXpHGDm4xtrSNKLTlpeaT1NX9l27c1C6nEnR7aemHOtjWK5FoZGHTj9fSS2H1mhAruXTvyrmg&google_hm=kmDKUYTxRLeCaiDAELqxOCM

Request Chain 418

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFLA40TKfyheTouIcQQjGdI&google_cver=1&google_push=AavPq0PkZcOlkkcRSC6yyIRAubT0qaxLfkiPQmkaoDW-UM9rzIlji0cJwqJ5iFHjvLAHOU3-SvdA7tawtCor2zXgC7895uUEa3VYcg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PkZcOlkkcRSC6yyIRAubT0qaxLfkiPQmkaoDW-UM9rzIlji0cJwqJ5iFHjvLAHOU3-SvdA7tawtCor2zXgC7895uUEa3VYcg&google_hm=eS1zN1NOTlVGRTJwSHlIOXZoblpzY1JpM2pOMmdCdndsVn5B

Request Chain 419

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELt_9tA64n2c7lShc-0DRpk&google_cver=1&google_push=AavPq0M1VNsNsZfjJqtCyrjMknAg1hO5cJpJy4tRuYKxTEpfG_sMR_xnue3M1FgdplzXUpCbsvb0XZRh1deYt1rbumqvPZbqNBLu HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELt_9tA64n2c7lShc-0DRpk&google_hm=Y6__GX4k0RL85DpHIYUDBgAADHgAAAIB&google_nid=index&google_push=AavPq0M1VNsNsZfjJqtCyrjMknAg1hO5cJpJy4tRuYKxTEpfG_sMR_xnue3M1FgdplzXUpCbsvb0XZRh1deYt1rbumqvPZbqNBLu

Request Chain 420

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENBwKOMT3OmQlcjtO7tc7dE&google_cver=1&google_push=AavPq0OoL6GvTRM8Sn9KhdnMv0Wqo4ZEX-IuIRFRr6EOQ5bfln9vrckQ_q5URIo-uZOgQoxHh99uhVAdGMF5sDxdT2MX6Mg41HqQvg HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENBwKOMT3OmQlcjtO7tc7dE&google_cver=1&google_push=AavPq0OoL6GvTRM8Sn9KhdnMv0Wqo4ZEX-IuIRFRr6EOQ5bfln9vrckQ_q5URIo-uZOgQoxHh99uhVAdGMF5sDxdT2MX6Mg41HqQvg&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OoL6GvTRM8Sn9KhdnMv0Wqo4ZEX-IuIRFRr6EOQ5bfln9vrckQ_q5URIo-uZOgQoxHh99uhVAdGMF5sDxdT2MX6Mg41HqQvg&google_hm=F6ERvGZHntJY28Y3QlS6XFaB

Request Chain 421

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0Nnk5E1P5w--KFgG1B_-ngkXlcSG8sG1NKSm9GXkdBZkA-pLCJGHTSifEEbOBiiARylK-WY-Q2xkOZ5rTSPAHxh1jMosA7a6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0Nnk5E1P5w--KFgG1B_-ngkXlcSG8sG1NKSm9GXkdBZkA-pLCJGHTSifEEbOBiiARylK-WY-Q2xkOZ5rTSPAHxh1jMosA7a6A

Request Chain 422

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEPJJQsSHPuuYseNJ-Rl1ri4&google_cver=1&google_push=AavPq0NOKS0d4-8SxQ_fKiQcUCReN69jic3uzhVQ9rX4IhzaKhc1G253i02gUPNagEH6GZt_Nnpb-Qn1xX7zjuaWg08cMQ_PwTXjOQw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0f105afb-2092-42b4-a326-8c182e7c26d7&%%GOOGLE_PUSH_PAIR%%

Request Chain 429

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

Request Chain 432

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDAIWOy4pprOpqvcnBgWQUk&google_cver=1&google_push=AavPq0NNUu6_ZrRhGeehMyBwPwR2zdBPeBzkpc1DeeHCNdLREBkK2ulqHTy5Uuce0jnvNyfR6NrOEVkxM6L3FBezPyg-YAZ1DAh_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTYtLUdRQUFEZEdKWndBZQ==&google_gid=CAESEDAIWOy4pprOpqvcnBgWQUk&google_cver=1&google_push=AavPq0NNUu6_ZrRhGeehMyBwPwR2zdBPeBzkpc1DeeHCNdLREBkK2ulqHTy5Uuce0jnvNyfR6NrOEVkxM6L3FBezPyg-YAZ1DAh_

Request Chain 433

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMwvA-jOx95tAFV1RvGMyq4&google_cver=1&google_push=AavPq0Pn5JundSjU_njUkC9HNJNV-UpOT8W1Qq2ov2Txl-EMg8ARlK-mASW6WSuSfE2YibYIu2Svxc77F1FpM7yH0-4s0la0xQZV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Pn5JundSjU_njUkC9HNJNV-UpOT8W1Qq2ov2Txl-EMg8ARlK-mASW6WSuSfE2YibYIu2Svxc77F1FpM7yH0-4s0la0xQZV&google_hm=J7rhZ-oiQJq6ddfLBtdJRCM

Request Chain 434

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFLA40TKfyheTouIcQQjGdI&google_cver=1&google_push=AavPq0Nh8-mDW1CN89bAX_Sm_mEbg2JtpsCS0G_1oQfjQOjTZoFfyhWM6lI8HstBsWWGmSciGDlSdeFmXOWbdVbnHxPEPlugc7M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Nh8-mDW1CN89bAX_Sm_mEbg2JtpsCS0G_1oQfjQOjTZoFfyhWM6lI8HstBsWWGmSciGDlSdeFmXOWbdVbnHxPEPlugc7M&google_hm=eS1zN1NOTlVGRTJwSHlIOXZoblpzY1JpM2pOMmdCdndsVn5B

Request Chain 435

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDjdWcRC2YWKmcYF8s-tUIQ&google_cver=1&google_push=AavPq0NHUna2KmXmukyDEq-hTRdSZjHroBuP6qFp-I8fh5Pv58XVMviGwxlVdYAabBktxcxNgkIRpcbzn9vYqnglFwk71rkOo0gg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDjdWcRC2YWKmcYF8s-tUIQ&google_cver=1&google_push=AavPq0NHUna2KmXmukyDEq-hTRdSZjHroBuP6qFp-I8fh5Pv58XVMviGwxlVdYAabBktxcxNgkIRpcbzn9vYqnglFwk71rkOo0gg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QTOxV9o4RluFaQgHyu3FUQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NHUna2KmXmukyDEq-hTRdSZjHroBuP6qFp-I8fh5Pv58XVMviGwxlVdYAabBktxcxNgkIRpcbzn9vYqnglFwk71rkOo0gg

Request Chain 437

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0P4ZAz9asUGI2AE-tNCfayIWVqZRU7WxjbUoOuVXrn-hgnCrzLr4P2lzLUTKUEsoMzD54k_a5KodzbZ5CnMXWzw5Hkmtw65 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0P4ZAz9asUGI2AE-tNCfayIWVqZRU7WxjbUoOuVXrn-hgnCrzLr4P2lzLUTKUEsoMzD54k_a5KodzbZ5CnMXWzw5Hkmtw65

Request Chain 440

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/improve/fc427e9a-95ca-4a00-8475-b0fb3a912b99&partner_id=1010

Request Chain 473

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cf5463af-ff1b-4a00-8166-3bf50d84b994&gdpr=0&gdpr_consent=

Request Chain 474

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6336672988600916080

Request Chain 476

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4133B157-DA38-465B-8569-0807CAEDC551&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4133B157-DA38-465B-8569-0807CAEDC551&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 477

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6142884088923626129&gdpr=0&gdpr_consent=

Request Chain 479

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QTOxV9o4RluFaQgHyu3FUQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 482

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3527243415 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=4133B157-DA38-465B-8569-0807CAEDC551

Request Chain 483

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDEzM0IxNTctREEzOC00NjVCLTg1NjktMDgwN0NBRURDNTUx&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 484

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO3ueZg13ru9ALU0Lhv2XyQ&google_cver=1

Request Chain 487

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9177322222555914654

Request Chain 507

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=TU7JYnxIV0kzRHI4ZVlpdWlOVlFnL3c4bXRtaldzTmd3TG12UUc0ZkpsS2lsWnhHVTkzcGRaTWY4SUthajcxQ1piUGswQkV0VTZXbGZPSGJwWVU3UlpDb2ZTdXZBTkpEL0ozMjA3ck40T05IZHM0N1dURVVKTFl2T2IxY1dHbWVWOEhDK1oyb0d3OVpoaDRySkFsNGNHTC8yc2dzMnpmbXQ2TFRTL1BoVWc2UzJpYmFiMDVIUmRIOVlSaEVaK2NxRU9iNmc2UnQ3VFNmWDJSeXRUajdsbWlZdTh0WmxIWStYQ0ZPMFRMSmVpaUpmQ0xqWlNycW8zQTR0MWQzek1pQ2YzaklQfA&cppv=2

Request Chain 527

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/NeOwYSYJ63TU6i_eD6dSb8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zKsdvIlE2oIXVtaIjJrfMKoLxmWYlnb.dtMNPg--~A

Request Chain 528

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmJlY2VmNDNmMjMzZTE1ZDk1MzVmNzdlNTRhMGNmYmUxMzA1MmUzYQ

Request Chain 529

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOJ9L8JsbCmjZ2-6gr0ZXtk&google_cver=1

Request Chain 530

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCBQICXD-1X-6CV4

Request Chain 531

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=47w7TWqFScuVwfVNvrrtsw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=47w7TWqFScuVwfVNvrrtsw

Request Chain 532

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENCUUlDWEQtMVgtNkNWNA==

Request Chain 533

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=sWzf5dGLSaG00dsWApRibQ&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sWzf5dGLSaG00dsWApRibQ

Request Chain 534

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=24d5d2111c0b9b698ba36841a7691e64

Request Chain 536

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

Request Chain 541

https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=3&topUrl=www.walla.co.il&bundle=ek2RK19nOTF1MTkwWDBUMkp4SkFFODdKJTJGejVJb0JGNmxZVWFlTVpEVkFDMVN2UGl0QUpyS0EyakNweHFDYnhyNEc5d1d6bVVDc0pwNDIzVyUyRlhxQiUyQmlYeTdDTWZBWVAlMkZ1WU85ekpaSlpGUGhTemp5ejNoQlgwJTJGeFZVTXlYbkpZcFUwc2Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=l8X5THxTckdJZG9tcXJXMDR2dHlJb1BPRlpIQ0x4NWc2WTVhMUlKMnMwZGJVOURCVVZmcHhXL3daTHJGWjU0dG9WUmNmVFYrSDlpTUdaUFBUNGJIN2U0eHNYNXhXNjlQWUZWdFlDL2ozZm5xUlhwNmpFTk16T2pLdEtzSTduWDczbTRrNEQ3Zm9ndUhBcHIvb2hpRWc0OGx3YndjMFdaTGI5QXpnMTJSaVhvem1hUHJkZ25yVUxTT3JNR1JwdjRKcXE1ZlZzc016RStDUUw2K2Nad3pjakd0Y3BGaEVzY2hEYkFSVDFsZmFiVmcyOXlHZnFPUGxjOCtBVEo0ZzREWTZqdExsR0t6WWJoZGdGYTNWc2hOQm4wUHhEQT09fA&cppv=2

Request Chain 542

https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y6--GX4k0RL85DpHIYUDBgAA%263192

Request Chain 544

https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=83e34276-88ec-11ed-967f-1ee5b9e10106 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/spotx/83e34231-88ec-11ed-967f-1ee5b9e10106

Request Chain 547

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

Request Chain 550

https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
https://csync.smilewanted.com/set_partner_userid_get/loopme/7655e3f8-dad5-4f2a-8a26-a4c3fac78a7b?gdpr_consent=null&gdpr=0

Request Chain 561

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=KXQc2HkhTN8yfxiKLXRQj3kjGIkyIRiJKn7zTSGl

Request Chain 562

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7183240439289673868&gdpr=0&gdpr_consent=

Request Chain 563

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=l0-mn9YdS7BVYr1235t4w1FfBSM

Request Chain 564

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFPZTJVN0hYXzRBQUNCX3hxcXZGdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAOe2U7HX_4AACB_xqqvFw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAOe2U7HX_4AACB_xqqvFw&pid=558502&do=add&gdpr=0 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAOe2U7HX_4AACB_xqqvFw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5509693535018914195&gdpr=0&gdpr_consent= HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAOe2U7HX_4AACB_xqqvFw&gdpr=0&gdpr_consent=

Request Chain 565

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=4133B157-DA38-465B-8569-0807CAEDC551 HTTP 302
https://a.audrte.com/p

Request Chain 566

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4133B157-DA38-465B-8569-0807CAEDC551&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4133B157-DA38-465B-8569-0807CAEDC551&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 567

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4133B157-DA38-465B-8569-0807CAEDC551&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4133B157-DA38-465B-8569-0807CAEDC551&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4133B157-DA38-465B-8569-0807CAEDC551&addseg=19,36,42

Request Chain 568

https://pixel.onaudience.com/?partner=214&mapped=4133B157-DA38-465B-8569-0807CAEDC551&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 570

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4133B157-DA38-465B-8569-0807CAEDC551&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Xxxp9t5E2uUG7hBR7Sqd7Ta5Uveq_B0-~A&gdpr=0&gdpr_consent=

Request Chain 571

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0f105afb-2092-42b4-a326-8c182e7c26d7 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0f105afb-2092-42b4-a326-8c182e7c26d7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=8abb9270-7531-4f41-9a72-a1ffd151f044&ssp=pubmatic&expires=30&user_group=5&bsw_param=0f105afb-2092-42b4-a326-8c182e7c26d7 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0f105afb-2092-42b4-a326-8c182e7c26d7&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 574

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2708043133218580753&gdpr=0&gdpr_consent=&us_privacy=

566 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.walla.co.il/
Redirect Chain

http://www.walla.co.il/
https://www.walla.co.il/

569 KB
271 KB

41ms
18ms

Document
text/html

143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: f23d66f6297adabc8a0f7795b73265577f5edb6cf5480aeb38c15d512ccfdd95

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14
cache-control: public, max-age=30
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 31 Dec 2022 09:21:26 GMT
etag: W/"8e585-8GFWPirI7XIhbhX+S/1WOAQylRQ"
server: openresty/1.15.8.1
vary: Accept-Encoding
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-id: u0iwtreuBMyMvydYTQXPQpv7e6fo-_NKeOXr9hVeIPZVWCVMxxuiTA==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-cached: MISS

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Sat, 31 Dec 2022 09:21:26 GMT
Location: https://www.walla.co.il/
Server: CloudFront
Via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: uoUX7JWHPWG94Ul4mhH_twgJMVG7oQQxM_Hzr9OsFojr8rz8q7YjsQ==
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Redirect from cloudfront

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 118ms
56ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34fd432b7a129fd6d9599b585bcfc8cde51d7cfd47ad4f906f0b36ac359a562a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27666
x-xss-protection: 0
server: sffe
etag: "1437 / 621 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 31 Dec 2022 09:21:26 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 90ms
16ms Script
application/x-javascript 2600:9000:2304:f400:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:f400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 00:43:34 GMT
content-encoding: gzip
via: 1.1 a17242a6cf9be61e0412ecea1610cbde.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
x-amz-cf-pop: VIE50-P1
age: 31072
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: wj6uBIYTXw370syTKzCE4Z27X6Z6N6F20wNLCJflC83bx8xv9QFEIg==
expires: Sun, 01 Jan 2023 00:43:34 GMT

GET
H2 200 new-logo-mobile.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
967 B 8ms
8ms Image
image/svg+xml 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/new-logo-mobile.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80252
etag: W/"473-18562a3bcc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: GBzHr9gZIaKbyRIqA15MdIJ5vf6VO2iGl3D_VHmiDbfDNf1Czyz3LA==
x-cached: MISS

GET
H2 200 icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 2 KB
1 KB 9ms
8ms Image
image/svg+xml 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80252
etag: W/"7ee-18562a3bcc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: l55H4TzER_Ku7rAIHbBwoAr9GpBjXJnBtA8jrqHO9Iknu7nPi92YIg==
x-cached: MISS

GET
H2 200 icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 464 B
823 B 8ms
7ms Image
image/svg+xml 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"1d0-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 464
x-cached: MISS
x-amz-cf-id: RHxa6H7DVLlEdzKu6C8vAH7tNGGlcUthj1rOOv1W5t-XSY7hX1E08A==

GET
H2 200 new-logo.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
990 B 8ms
7ms Image
image/svg+xml 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"492-18562a3bcc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: tqH2UBy7KDkr6rRnfav8ydPCO2tdYw6BOdrlafbDp2Da3Fhpao2LdQ==
x-cached: MISS

GET
H2 200 allay-icon.svg
www.walla.co.il/public/assets/icons/ 3 KB
2 KB 11ms
10ms Image
image/svg+xml 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"c00-18562a3bcc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: 1g96JMvgmJ4a8CW_v31bdwjKNQlFv6sT-2MoM5bFMeviforCqq2ieA==
x-cached: MISS

GET
H2 200 yad2.png
www.walla.co.il/public/assets/icons/ 1 KB
1 KB 8ms
8ms Image
image/png 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/yad2.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"488-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1160
x-cached: MISS
x-amz-cf-id: lFon7D3P9KjMoDQlNV3pB01y_HKNzQhKp6eFneMp2LEW7CNjohCOow==

GET
H2 200 3476820-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_54/3/4/7/6/ 48 KB
49 KB 54ms
12ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_54/3/4/7/6/3476820-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: 046c27acf2cdc42b07376c0b64082ba6321de415863d4b97a5d70be65e0af7e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:20:35 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 52
edge-cache-tag: 342499202503995363093955539094953530261,325240592619059456640567246033780590469,d2bce9e04f88d43dd8350e859c701704
cache-tag: 342499202503995363093955539094953530261,325240592619059456640567246033780590469,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 49076
x-request-id: 11336fca1b58a15de74a318d4641dbed
x-served-by: cache-lga21926-LGA
last-modified: Sat, 31 Dec 2022 09:20:36 GMT
server: cloudinary
x-timer: S1672478433.501177,VS0,VE2973
etag: "9cf5cd7cb2223c95afe4d8c1d7be9fc2"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: MPpWd1SRT4LpvBbzucv-tVjUVKw-grhwwo2_qGR1G-mBlOY1psPVUw==
x-cache-hits: 0

GET
H2 200 invalid-name2.svg
www.walla.co.il/public/assets/shivuki/ 2 KB
1 KB 9ms
8ms Image
image/svg+xml 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"834-18562a3bcc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: QS38uWQIUXOG3TPycpXciSYe7o4kczbGtBkPpKxWoT_Sn_pzRHmAfw==
x-cached: MISS

GET
H2 200 103fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 895 B
1 KB 9ms
9ms Image
image/png 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/103fm.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e28df0d1ecf0a67bfe7db32c3aafada6f839721734581e6a36cd5a5fcdf55fdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"37f-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 895
x-cached: MISS
x-amz-cf-id: 1EzMEXkwPd1kG_YpDysrmtuXnq-zkP0ArNi6oot6OULDAX-mdpUmPw==

GET
H2 200 99fm.png
www.walla.co.il/public/assets/homepage2/radio-stations/ 933 B
1 KB 8ms
8ms Image
image/png 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/99fm.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3008b4354e1b60f29f320cfa65b9725167ad632656392673a4785d836bf3f14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"3a5-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 933
x-cached: MISS
x-amz-cf-id: eI83xPrqsLIcybhCYgKTAm-cvd8xQ4c4i_sYSROKdbogkxHn9wix5w==

GET
H2 200 3473542-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/4/7/3/ 26 KB
27 KB 14ms
7ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_100/3/4/7/3/3473542-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: 37fc4e7a3abd23889801a34b63714ec4e84e169551243febaff7cb70b9706f62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 05:41:05 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 186022
edge-cache-tag: 168706918149911572649044903575986906203,425792032652047450413919300283245243783,d2bce9e04f88d43dd8350e859c701704
cache-tag: 168706918149911572649044903575986906203,425792032652047450413919300283245243783,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 26508
x-request-id: 90f4a399a8294c15e8882d5b1400d8e2
x-served-by: cache-lga21969-LGA
last-modified: Thu, 29 Dec 2022 05:41:06 GMT
server: cloudinary
x-timer: S1672292464.402096,VS0,VE940
etag: "0834094cf7f4894b37f9cecc1be7df1f"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: DJRHn9Pepu1gY508bgE4IX5PyxbPaXwbV7GAUY--T1WdpOTC1-nmaw==
x-cache-hits: 0

GET
H2 200 2357136-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/3/5/7/ 3 KB
4 KB 15ms
8ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/2/3/5/7/2357136-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: 34c5d307a57bf09f3c159a6c129370b8c293ec67847b9e4c99c400ec60d476cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 12:49:17 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 160330
edge-cache-tag: 119880395262718257581038856239212261192,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 119880395262718257581038856239212261192,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 2991
x-request-id: 0afcbfb066e4ab814f340ee8496d1161
x-served-by: cache-iad-kjyo7100126-IAD
last-modified: Thu, 29 Dec 2022 12:49:18 GMT
server: cloudinary
x-timer: S1672318157.480163,VS0,VE452
etag: "5ba53b157384829f59a062e5e73937e6"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: qLMOZocuF9hRo63B-wkeq991YgbBBxGcJRECU5m6btD5oybbJ28vpQ==
x-cache-hits: 0

GET
H2 200 3434921-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/3/4/ 6 KB
6 KB 16ms
9ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/4/3/4/3434921-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: 0cc5a07f71a488044ff4b872409d1cd3939b33f6256407a9aef3337c4d368091

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 05:45:18 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 185769
edge-cache-tag: 370695323095822955181903807708708040269,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 370695323095822955181903807708708040269,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 5786
x-request-id: 23327a100a9364b36ebfc1f80ce67c54
x-served-by: cache-iad-kjyo7100081-IAD
last-modified: Thu, 29 Dec 2022 05:45:19 GMT
server: cloudinary
x-timer: S1672292717.603901,VS0,VE1890
etag: "66c224bd6c5aab53c137a15119ba0fc0"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: ulNtWLtOBTsWYgS0oPnlMc8va2C3sIAj7fNpy5Et9Awg1Y9l7gFFUg==
x-cache-hits: 0

GET
H2 200 3452246-46.jpg
images.wcdn.co.il/x_0.015,y_0.17002237136465326,w_0.985,c_crop,f_auto/t_54,f_auto,w_300/3/4/5/2/ 3 KB
4 KB 16ms
10ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/x_0.015,y_0.17002237136465326,w_0.985,c_crop,f_auto/t_54,f_auto,w_300/3/4/5/2/3452246-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: 989af426e243a225f6997022a66e84394f780a57781313e21fbddd18724fb1c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 14:26:22 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2573705
edge-cache-tag: 348793752942556590483112722556846937235,418511967002694493509171342187185552083,d2bce9e04f88d43dd8350e859c701704
cache-tag: 348793752942556590483112722556846937235,418511967002694493509171342187185552083,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 3491
x-request-id: 009daebc3a8e1c9eed9afed99511ac42
x-served-by: cache-iad-kjyo7100073-IAD
last-modified: Thu, 01 Dec 2022 14:26:23 GMT
server: cloudinary
x-timer: S1669904779.818359,VS0,VE3858
etag: "d47e40427aa6db5e6f74e6263057d59b"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: yIIOjRGTy2BC8zadDxxpTTqoPVmFWLLG8EMim5h-LrmZJ-Ehd0apAA==
x-cache-hits: 0

GET
H2 200 3416873-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/1/6/ 7 KB
8 KB 18ms
12ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/1/6/3416873-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: bd9a5912afa57f032a595d9249aeca9aeb194ab77b00d332f290edf47bfadac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Dec 2022 14:23:48 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 845859
edge-cache-tag: 339413559485137298811311803888009080115,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag: 339413559485137298811311803888009080115,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 7357
x-request-id: 919a7af1e0fa54acab24e500560f2f7d
x-served-by: cache-iad-kjyo7100150-IAD
last-modified: Wed, 21 Dec 2022 14:23:49 GMT
server: cloudinary
x-timer: S1671632628.795466,VS0,VE789
etag: "35df029479ac2479c5634f3bf7b02137"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: LsvWVMf876-03VJdW0jxzL159vX5O1GV5zvSw8B6H8KoI3PoUt5KMw==
x-cache-hits: 0

GET
H2 200 outbrain.png
www.walla.co.il/public/assets/outbrain/ 780 B
1 KB 20ms
14ms Image
image/png 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/outbrain/outbrain.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 00778b7246ce1ad6cbc6085624d78cdeb6c805c67c60113beab05259080b7a25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"30c-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 780
x-cached: MISS
x-amz-cf-id: OGZeiMzo9A1Ds6GGt7HLOaemfIS8l95zBQJXyVSXjfK73PLg7RS90w==

GET
H2 200 new-logo-walla-negativ.png
www.walla.co.il/public/assets/icons/ 636 B
991 B 16ms
10ms Image
image/png 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/new-logo-walla-negativ.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"27c-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 636
x-cached: MISS
x-amz-cf-id: jyoLqQtztGskejaRrZwc9mSMb7pIbQZitnxYxKJ8ugUr9zdQiAPk_w==

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 107 KB
42 KB 91ms
19ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-MKKBK36

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88365730897fa6716482f89e8fb9d67932fcb7fc0c71c941394a54f2948fa478

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42965
x-xss-protection: 0
last-modified: Sat, 31 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 31 Dec 2022 09:21:27 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 187ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 09:21:27 GMT
Content-Encoding: gzip
Age: 753
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Content-Length: 29221
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
Server: ECS (frb/6796)
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js Show response
www.walla.co.il/public/ 11 KB
4 KB 20ms
14ms Script
application/javascript 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e18c7f470c660da0fbb80b92916bd2f6d3b5c5c761d5dfa9008ab8fa3db1abc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:48:56 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"2d69-18562a62dc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: -xRD9dIP2vRQwFJpHP2WPQ4Eru7GepcV_bMPX81uBctT-fEV6yPpFw==
x-cached: MISS

GET
H2 200 462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js Show response
www.walla.co.il/public/ 309 KB
101 KB 20ms
15ms Script
application/javascript 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: f48a26731c5bedb73f2c65bc3537c096ee30acd40dc1dbc52ab9dc0c7300c28f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:48:56 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"4d5fa-18562a62dc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: eNcB8XXiOzTo3Yf-Fw5AVykM7c9EbhbR1RSD1KUBQkKkiH4sxbepMQ==
x-cached: MISS

GET
H2 200 main_e61f3c364b4d932dfab9_e61f3c364b4d932dfab9_walla.js Show response
www.walla.co.il/public/ 1 MB
259 KB 20ms
15ms Script
application/javascript 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/main_e61f3c364b4d932dfab9_e61f3c364b4d932dfab9_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: da28ea512b7c7e638b7689bd2ebb59cb7c796070f9518119f6d0475c08ac736f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:48:56 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"11ec9a-18562a62dc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: eR1rZJ95tgUA1AxIzqljCfi75dCpZdytSeVre0G2f42QL_z5ZBEAFw==
x-cached: MISS

GET
H2 200 29_556abeff572d0b62c092_556abeff572d0b62c092_walla.js Show response
www.walla.co.il/public/ 13 KB
4 KB 16ms
11ms Script
application/javascript 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/29_556abeff572d0b62c092_556abeff572d0b62c092_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 1e36da77124c1e4d487d41ed4604cb51a1983e6444f3474ea022370aeabbe00e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:48:56 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"33ec-18562a62dc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: U4utHd-tbCegiRyJy-rGJB_oB3AfvscvctIgcRwOZOHOEECWibYlUw==
x-cached: MISS

GET
H2 200 homepage_1bf5acd2c77fb362c4e5_1bf5acd2c77fb362c4e5_walla.js Show response
www.walla.co.il/public/ 209 KB
40 KB 16ms
12ms Script
application/javascript 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/homepage_1bf5acd2c77fb362c4e5_1bf5acd2c77fb362c4e5_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: d99b90f783bad0cb9b8aff5311c99ae0a93091d1017397e466bf8a939da6377c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:48:56 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"3424e-18562a62dc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: AFfJslHx-VSVrD94g7OVhftuf3ZF7yN9V3y6K-tDOf_jllpOCtziEg==
x-cached: MISS

GET
H2 200 pubads_impl_2022120701.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
130 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 29 Dec 2022 16:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132289
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 09:34:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Dec 2023 16:44:24 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 918 B
930 B 65ms
42ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.walla.co.il

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d2763e8b165b3ceef74fae748c6097b118da3fc6a85e4f494fc079fe47d962e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 294
x-xss-protection: 0
expires: Sat, 31 Dec 2022 09:21:27 GMT

GET
H2 200 walla-v2-prod.js Show response
cdn.valuad.cloud/hb/ 908 KB
246 KB 1142ms
847ms Script
application/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

31b7fe34672f874c1bdbc1cbfd84735a07aff08c1b0df1df162a281dc22052f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:27 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Mon, 19 Dec 2022 13:38:58 GMT
x-sp-metadata: HS256.CKeawJ0GEoUBCiRiZGRjMjc4OS02OTQ0LTQxMmQtODJiMC0yM2ExZGVkYjA2NjIQ+PLE+NXG+wIaBgiX/r+dBiIKODEuOTUuNS4zNSj+zwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGVhZDUxMmQzLTAwMGUtNDZkYy05MGY0LTA1MjQ2Nzg4YTFkOBjwqA8iGAgCEhRjZHMxNjAuZnI4Lmh3Y2RuLm5ldA==.9QTllYKVI2k7E81w448TfFHnJBX2i8LZ+gxxEDU0/2k=
x-amz-request-id: tx000000000000055e68d69-0063aef6cb-2b9ec190-fra1a
etag: "b4e93c760a48491f1d71d088544ada03"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1672478487.dop132.fr8.t,1672478487.cds321.fr8.hn,1672478487.cds160.fr8.c
content-type: application/javascript
x-rgw-object-type: Normal
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 250992

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 405 KB
83 KB 118ms
48ms Script
application/javascript 2a00:1450:400d:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4fe05fc9c6ed79d98227c2edafbc8363162879f2282b22d755929a41cc6c9fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84942
x-xss-protection: 0
last-modified: Sat, 31 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 31 Dec 2022 09:21:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 496 KB
65 KB 152ms
83ms Script
application/javascript 2a00:1450:400d:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2cda67bd949687cf0c594ac6479a5d5ea592553db21ee111680f1bce01bc7868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66708
x-xss-protection: 0
last-modified: Sat, 31 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 31 Dec 2022 09:21:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 122 KB
46 KB 118ms
49ms Script
application/javascript 2a00:1450:400d:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KL6PRJM

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9f5d557af76f027fe8399083994aa4cd6e0412fbaa2c5885201c261dc87528e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47509
x-xss-protection: 0
last-modified: Sat, 31 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 31 Dec 2022 09:21:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 91ms
22ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 31 Dec 2022 08:27:20 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3247
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 31 Dec 2022 10:27:20 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 372 KB
125 KB 77ms
31ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126857
x-xss-protection: 0
expires: Sat, 31 Dec 2022 09:21:27 GMT

GET
H2 200 api.js Show response
www.gstatic.com/readaloud/player/web/api/walla/js/ 442 KB
151 KB 101ms
22ms Script
text/javascript 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/readaloud/player/web/api/walla/js/api.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

686e58d5a724aedeaf95623eee27e4f1d115bf2d05b4b668c17066498a695f9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/speakr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 153942
x-xss-protection: 0
last-modified: Sun, 25 Dec 2022 11:06:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="speakr"
vary: Accept-Encoding
report-to: {"group":"speakr","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/speakr"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 31 Dec 2022 09:54:22 GMT

GET
H2 200 wallawb.js Show response
cf.dxmcdn.com/dta/ 5 KB
2 KB 138ms
61ms Script
application/javascript 2600:9000:206f:6c00:11:da61:a100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.dxmcdn.com/dta/wallawb.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6c00:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ebba04d5ca8ae78a79b3c7f229a37c102753633e9ca182fc6158e235594d2a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 00:31:52 GMT
x-amz-version-id: oybraUamdMFbqZV3UFLEjZ40HZNFemmw
content-encoding: br
last-modified: Wed, 28 Dec 2022 09:09:59 GMT
server: AmazonS3
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
etag: W/"0f82c0f29fb7d086fa70ef5c1fc0b22c"
age: 31776
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: FXiF2ElfoN5-TfwRe3KZIrLPMPHXrCdiGLq0Jd1Ij1zxsnrAATrtEw==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 19ms
16ms Script
application/x-javascript 2600:9000:2304:f400:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:f400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 01:01:25 GMT
content-encoding: gzip
via: 1.1 a17242a6cf9be61e0412ecea1610cbde.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: VIE50-P1
age: 30002
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: YP5c3kK8NARg0csKg3-nbms-LELd3jpFydYZAkznGm-7lrCVd21-QQ==
expires: Sun, 01 Jan 2023 01:01:25 GMT

GET
H2 200 google.gif
www.walla.co.il/public/assets/icons/ 1 KB
2 KB 20ms
18ms Image
image/gif 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/google.gif
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"5b6-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1462
x-cached: MISS
x-amz-cf-id: 4rV81ZSmohtzaM5uJ59_6_UxsJrcr56Pj7tHaoXZFeiKEbCj4KiIqA==

GET
H2 200 icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 743 B
1 KB 19ms
17ms Image
image/svg+xml 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"2e7-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 743
x-cached: MISS
x-amz-cf-id: dOymu5Ktb6J3_bAkCh1rwuHJWZVXoEnzPrVAIywfBFhaOYWClunncw==

GET
H2 200 zoom.svg
www.walla.co.il/public/assets/icons/ 2 KB
1 KB 24ms
23ms Image
image/svg+xml 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/zoom.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: ed9a1c0a002eebd39ff310d9a7d166a21448676cc03b5546a5bebfbc762b1742

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"7e3-18562a3bcc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: fsJfZ4NNat41bWgZsxqEh1BSAGt2xM9WXh6NM7t9gyZOCJFXdY7u5w==
x-cached: MISS

GET
H2 200 icon-wather.svg
www.walla.co.il/public/assets/icons/ 2 KB
1 KB 25ms
23ms Image
image/svg+xml 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"85c-18562a3bcc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: LhIUph2jVYhLiMoMjfhTd5WDIWEKYUyaT3TgUDcJg1cO6uw_ng0exg==
x-cached: MISS

GET
H2 200 icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
1 KB 25ms
24ms Image
image/svg+xml 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"5f6-18562a3bcc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: ma98DaeEIDc77RUJIbJKrK5ZMHzW7RowXzdqdcQpEm9pXV8m9NkvMA==
x-cached: MISS

GET
H2 200 almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 58 KB
59 KB 17ms
15ms Font
font/woff 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"e954-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 59732
x-cached: MISS
x-amz-cf-id: JB5uo-0oGpBnyibnuAF0ihcE_4C8CoosOd3D7c7eNf08_Kd4mZuImQ==

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 2 KB
1 KB 277ms
7ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4b64e6a6515b16f8e74e112ee7c7bef32818d4c09a7ce39de9a2bc98b008acb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 44
date: Sat, 31 Dec 2022 09:21:27 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 1325
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 780
x-served-by: cache-hhn-etou8220090-HHN
x-timer: S1672478487.402651,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Thu, 29 Dec 2022 08:59:22 GMT

GET
H2 200 recorder.js Show response
web-sdk.smartlook.com/ 3 KB
2 KB 33ms
8ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/recorder.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

2ac8150003a3c49d2735c3e68ebde6e820308ff0ee6bf57e38604259a4931eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 31 Dec 2022 09:21:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 219
x-77-nzt: AcO1rgUF9CP/2wAAAA
x-accel-expires: @1672478868
last-modified: Wed, 21 Dec 2022 12:31:30 GMT
server: CDN77-Turbo
etag: W/"63a2fca2-c4a"
x-77-nzt-ray: 25b02131ac03101717ffaf63dbb9ad0e
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
72 KB 155ms
51ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a84c7cc39305302875b9bbc7a62ebe486241cce1e3a3ee3b9e4521e6acf90ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 30 Dec 2022 07:53:53 GMT
etag: "63ae6ee1-12019"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73753
expires: Sat, 31 Dec 2022 10:21:27 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 215 KB
74 KB 131ms
10ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74de8bd9a3d2f4875f511a343db456e030ce719e7aa4aa4d8a4935a616bb128d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:27 GMT
content-encoding: gzip
last-modified: Sun, 25 Dec 2022 11:27:35 GMT
etag: "15-0L3jQkLcjo1Gep7DPmF3aiFUIw0"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14400
access-control-allow-credentials: false
x-traceid: 4debd7d0b239d7deb1c09441bd1fba8a
timing-allow-origin: *, *
content-length: 75278

GET
H2 200 arrow-forward.svg
www.walla.co.il/public/assets/homepage2/ 475 B
834 B 8ms
7ms Image
image/svg+xml 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/arrow-forward.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 00df84c0176ae68719671b3cf670d45da854c8e4b092eb72eb0b36f6737ae111

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"1db-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 475
x-cached: MISS
x-amz-cf-id: mNYNYQzSZyhOi2Hs0SxlsaVadyYdJkyGevtjdHIYlaQlwswup0iWWw==

GET
H2 200 video@2x.webp
www.walla.co.il/public/assets/icons/homepage3/ 2 KB
2 KB 9ms
8ms Image
image/webp 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage3/video@2x.webp
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 1c4dcf3b62662f4aa2a585956c0a77eb845c6bb99dbc5d71263f742286d79c18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"74c-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1868
x-cached: MISS
x-amz-cf-id: h1tpALT7tlFznsj3vDIq3hMitjF-XLo5cb6XsbxjUEdLDkGaP4YY2A==

GET
H2 200 play103fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 409 B
768 B 9ms
8ms Image
image/svg+xml 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/play103fm.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: f20eeef8fb712ad2bf5e21dfe5944ab2b62010e44ffa8f79a3bfa354973ab517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"199-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 409
x-cached: MISS
x-amz-cf-id: MUMlAI4Xvp_ppzEcGxlFmni9q_Ww1wHWKAbk6Rxr7e0sya49wwG-0w==

GET
H2 200 play99fm.svg
www.walla.co.il/public/assets/homepage2/radio-stations/ 409 B
767 B 9ms
8ms Image
image/svg+xml 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/radio-stations/play99fm.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e5bf77a4605d9bb4c0ecfc1127ab95009dc2fa6ec763418424cf36f523db8e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"199-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 409
x-cached: MISS
x-amz-cf-id: B8iCJDrd1g5vXSl1u1SfV2K9aiiIsOEgdGcQIyV8NjwOyiKsoi-7SQ==

GET
H2 200 video.webp
www.walla.co.il/public/assets/icons/homepage3/ 930 B
1 KB 8ms
7ms Image
image/webp 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage3/video.webp
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"3a2-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 930
x-cached: MISS
x-amz-cf-id: dXu5QKfzjhdLIKdWJN_A8ZvTDIYy1VYiz5SGStP7PuIEn6CQv5eMPA==

GET
H2 200 wallaicons.woff
www.walla.co.il/public/font/fonticon/ 15 KB
15 KB 11ms
11ms Font
font/woff 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:55 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:15 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80252
etag: W/"3bdc-18562a3b8d8"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 15324
x-cached: MISS
x-amz-cf-id: u1C9RLF1r82-fjKzg3sd5exSmjuFcev52ZuF-e6Fo0Sg64GHMmCXIw==

GET
H2 200 almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 58 KB
58 KB 12ms
12ms Font
font/woff 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:15 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"e770-18562a3b8d8"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 59248
x-cached: MISS
x-amz-cf-id: aJg0BZHmhMdXuKF5homn7KbjuY1qYJvwuNJNHSR0BGzhrnDmsCoDBg==

GET
H2 200 almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 58 KB
58 KB 26ms
26ms Font
font/woff 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"e7c0-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 59328
x-cached: MISS
x-amz-cf-id: AwbD1Z_RkaVqpCK7zLvuu__RFTvQNQWRg7x0xEpG-5m7027yP188zw==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 282ms
92ms Image
image/gif 52.21.47.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=OrbSsDPS6tuHtYWq&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11983&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.walla.co.il%2F&b=496&t=ChjnhpDGSVYiBaFx0_QyuxkqZCNg&V=139&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&tz=0&sn=1&sv=DULbPyCyG23vDnoSAWmaxZLDle7qM&sd=1&im=067b2fff&_
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.47.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-47-218.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 31 Dec 2022 09:21:27 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 452_26dc5e427d85df112ddb_26dc5e427d85df112ddb_walla.js Show response
www.walla.co.il/public/ 123 KB
36 KB 9ms
8ms Script
application/javascript 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/452_26dc5e427d85df112ddb_26dc5e427d85df112ddb_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_e61f3c364b4d932dfab9_e61f3c364b4d932dfab9_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 1305b2f052d8eaa0fa1e83f15dfbe15cb58cdff54c44a3a24daa273e2e523a75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:48:56 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"1eaa7-18562a62dc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: s5SJmuEom_C5sQ5qhfRI6eQJwTx6yPGlDIuf2cgQF3KHv933FBTrUA==
x-cached: MISS

GET
H2 200 PikudInner_bb9f77b480edaf21f1e3_bb9f77b480edaf21f1e3_walla.js Show response
www.walla.co.il/public/ 3 KB
2 KB 9ms
9ms Script
application/javascript 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/PikudInner_bb9f77b480edaf21f1e3_bb9f77b480edaf21f1e3_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_e61f3c364b4d932dfab9_e61f3c364b4d932dfab9_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 2d4b858c0e7906266e5342c077cb13a45cc546c1c678da9ca63a13a0940a7a7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:48:56 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"cfd-18562a62dc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: dbY-rE_bzzb1EsKmkM0WYpYW_MFlHiht1kWDIz5wbgro-Q7sokNMWA==
x-cached: MISS

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/public/462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27542
x-xss-protection: 0
server: sffe
etag: "1437 / 727 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 31 Dec 2022 09:21:27 GMT

GET
H2 200 2323 Show response
dal.walla.co.il/editor/ 7 KB
3 KB 35ms
8ms XHR
application/json 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dal.walla.co.il/editor/2323?from=www.walla.co.il
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-91.fra6.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: ec2771dc89436b6998f17c9927e6ed44a5efb421ed1afed64cfb34c8de2f7854

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:20:47 GMT
content-encoding: gzip
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 40
x-srkey: 9ca383bf7f5c06689b373a08cfd03266
x-cache: Hit from cloudfront
x-cached: HIT
pragma: cache
server: openresty/1.15.8.1
x-speed: 0.0594980717
vary: Accept-Encoding
x-hostname: 823398b1735f
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
x-ip-x: 76.71.121.33, 64.252.74.245
x-ip-r: 10.30.22.186
cache-control: max-age=60
x-amz-cf-id: GXiPZ9z65w6vkp5joLk8AT3h0gGUHBE2qHJgw9zLJeyI4Vbpq5cgPA==
expires: Sat, 31 Dec 2022 09:21:42 GMT

GET
H2 200 985_8f9f43cb2d0d34144d8f_8f9f43cb2d0d34144d8f_walla.js Show response
www.walla.co.il/public/ 43 KB
12 KB 9ms
8ms Script
application/javascript 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/985_8f9f43cb2d0d34144d8f_8f9f43cb2d0d34144d8f_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_e61f3c364b4d932dfab9_e61f3c364b4d932dfab9_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: c3e2c3a1252dbbb47647b91b7492bf3d6c3dc1d4a332ca14616bf8be075f0593

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:48:56 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"adb3-18562a62dc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: lAALKt6-_4ZIHZ9oLoz_s9YKalwoGzN4h-BbajLJGxRqnx097tu38g==
x-cached: MISS

GET
H2 200 player.html Show response
www.walla.co.il/public/ Frame DD0E 3 KB
1 KB 10ms
10ms Document
text/html 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/462_98a2c9c9019c75bf0c50_98a2c9c9019c75bf0c50_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: f42ec27f2c6d85ac310093af2b83337569831c813eda706f8aa1f481ce5d0573

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80248
cache-control: public, max-age=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 30 Dec 2022 11:03:59 GMT
etag: W/"bd8-18562a62dc0"
last-modified: Fri, 30 Dec 2022 10:48:56 GMT
server: openresty/1.15.8.1
vary: Accept-Encoding
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-id: Wykey8bHlZ1El4MRg9Xf7fb1agIML__e46Y4wA6CZdrF6Tz5KhLCyw==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-cached: MISS

GET
H2 200 626_0d28508a485b0f3e4d71_0d28508a485b0f3e4d71_walla.js Show response
www.walla.co.il/public/ 3 KB
2 KB 11ms
11ms Script
application/javascript 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/626_0d28508a485b0f3e4d71_0d28508a485b0f3e4d71_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_e61f3c364b4d932dfab9_e61f3c364b4d932dfab9_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 45945e673e9facc8b3292790f069378dc73f3a7d2ee6729d773ae44ddde754ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:48:56 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"c3a-18562a62dc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: QAlHQyE97DKoVSHhJBGWY7Zz9M8SHP4BfoA1EDpXYvdm2C9ah3rF4Q==
x-cached: MISS

GET
H2 200 close.png
www.walla.co.il/public/assets/ads/ 1 KB
1 KB 11ms
9ms Image
image/png 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/ads/close.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:55 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80252
etag: W/"46c-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1132
x-cached: MISS
x-amz-cf-id: TOvVCdR43v1u01YwUP2_Nr9pSQQBVi2DYmgtfnltak_8KG9g0JVwRQ==

GET
H2 200 3421426-46.png
images.wcdn.co.il//3/4/2/1/ 6 KB
6 KB 16ms
14ms Image
image/png 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il//3/4/2/1/3421426-46.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: 738d90cda558286a59c2e9d00b43c7d2375b2e010863533804d0de180cfc5339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 16:31:18 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2652609
edge-cache-tag: 145767541500621925049705680995819893788,d2bce9e04f88d43dd8350e859c701704
cache-tag: 145767541500621925049705680995819893788,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 5667
x-served-by: cache-lga21969-LGA
last-modified: Sun, 14 Aug 2022 10:29:39 GMT
server: cloudinary
x-timer: S1669825879.630391,VS0,VE1
etag: "a299b27a337fe5f8cd65385dbd30d509"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: mjglignU8QQv4mpj0eeWRojJDZKVJY-56z5QrrG1t2LW3w51WPsNSg==
x-cache-hits: 1

GET
H2 200 3446763-46.png
images.wcdn.co.il/f_auto,q_auto,w_400/3/4/4/6/ 4 KB
5 KB 16ms
14ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_400/3/4/4/6/3446763-46.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: c5b8c33935eb54f665133731f389751b694cb221fd19e19bca18758034e86ce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:00:42 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 152445
edge-cache-tag: 260123766931755275147947543974984546756,381913850593876579626476268632260101011,d2bce9e04f88d43dd8350e859c701704
cache-tag: 260123766931755275147947543974984546756,381913850593876579626476268632260101011,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 3930
x-served-by: cache-lga21932-LGA
last-modified: Thu, 20 Oct 2022 15:10:53 GMT
server: cloudinary
x-timer: S1672326042.232589,VS0,VE1
etag: "1735ced6b0f3c485c9fc6c4d2a9a7939"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: o-QoOvGljPA08wtQsvyIgnSPJp6wbb0mavJ8sjSxCrxF97XCwNMaFA==
x-cache-hits: 1

GET
H2 200 3476744-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_400,t_18/3/4/7/6/ 32 KB
32 KB 17ms
15ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_400,t_18/3/4/7/6/3476744-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: 26e1058edb1382fd07a8e9c3c26e3516d30d295b735aa6df82d6a037e538b15f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 06:35:19 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 96368
edge-cache-tag: 165624117772677717715709774052168849901,381573010157131071558488767622808407530,d2bce9e04f88d43dd8350e859c701704
cache-tag: 165624117772677717715709774052168849901,381573010157131071558488767622808407530,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 32484
x-served-by: cache-iad-kiad7000129-IAD
last-modified: Fri, 30 Dec 2022 06:35:08 GMT
server: cloudinary
x-timer: S1672382120.811866,VS0,VE14
etag: "286dbae536c6033713d67bb7ca08eb55"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: ZNvR8RuV_JWD_2SxQo1wZd994QA957_kuBjneJAzeGVOgcKb-kZK1w==
x-cache-hits: 1

GET
H2 200 3476749-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/7/6/ 9 KB
10 KB 19ms
17ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/7/6/3476749-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: 123a2566f1cc07d335b974a0c68b77d02874fc5dffa2121824cff0ec549970ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:00:07 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 152480
edge-cache-tag: 129478718861552608774178931863596098393,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
cache-tag: 129478718861552608774178931863596098393,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 9553
x-request-id: c45d422f3b84a7d4dcb4282797823c2b
x-served-by: cache-lga21922-LGA
last-modified: Thu, 29 Dec 2022 15:00:08 GMT
server: cloudinary
x-timer: S1672326007.144540,VS0,VE434
etag: "2b09181111c992eb38798488dda997ab"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: UeJ8Fr4OGugVjVCKNzauGYzKNxmvPBkcI212-9GlAkClMgBvIbyU5Q==
x-cache-hits: 0

GET
H2 200 3476750-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/7/6/ 21 KB
22 KB 19ms
17ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/7/6/3476750-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: 13d679001581a31d2a570f49c96cfceb487011ef418ea4c2f7165dd468004b5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 15:00:08 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 152479
edge-cache-tag: 299776980358120877185181002283300005441,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
cache-tag: 299776980358120877185181002283300005441,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 21779
x-request-id: 72f3959f6f966a1d260920f7c06bcc94
x-served-by: cache-lga21957-LGA
last-modified: Thu, 29 Dec 2022 15:00:09 GMT
server: cloudinary
x-timer: S1672326008.784584,VS0,VE675
etag: "aada03818fe4acb0d5e3f7053c86ead7"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: yT5a15RJxPcXu5Ra_JEX9g5HYFbzAqTIpkHRqxswa1CkWz-rryqhGg==
x-cache-hits: 0

GET
H2 200 3476768-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/7/6/ 10 KB
11 KB 19ms
18ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/7/6/3476768-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: cd1465a64ad22b6a0c2069541049857411da587cfd61f90108abc61fbff5c311

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 12:58:52 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 73355
edge-cache-tag: 365126261383510807307793219567809545808,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
cache-tag: 365126261383510807307793219567809545808,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 10382
x-request-id: 31d0c017ad4c79cf98880dc98b9a8b6d
x-served-by: cache-lga21964-LGA
last-modified: Fri, 30 Dec 2022 12:58:53 GMT
server: cloudinary
x-timer: S1672405132.437042,VS0,VE298
etag: "64c2b82a8680dd2ede1cb085f134215f"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: sd212bKP50Yzwk1y53I5L8Kwoc_sd0cDfo6R-kXq5KlwvX5gy-WLEQ==
x-cache-hits: 1

GET
H2 200 3476758-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/7/6/ 5 KB
6 KB 20ms
18ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_200,t_41/3/4/7/6/3476758-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: b2c6673ff1b554c425bcc6976e9510ca44acc444aafe305cb5ce86e6bf02da1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 22:53:12 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 124095
edge-cache-tag: 112589444717849967477167105948797594487,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
cache-tag: 112589444717849967477167105948797594487,283430647936075344067903404271322648154,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 5097
x-request-id: 98046430337d7ea87a9fa0776491db4d
x-served-by: cache-iad-kjyo7100108-IAD
last-modified: Thu, 29 Dec 2022 22:53:13 GMT
server: cloudinary
x-timer: S1672354392.971250,VS0,VE496
etag: "08a670ae37382906c99aa8d4e8411c53"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: c46vW5egNx-seNexj3jYEwkP4zMBV5owA2zxPL6M_FV0fPqrqrSr7g==
x-cache-hits: 0

GET
H2 200 3449032-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/4/9/ 15 KB
16 KB 21ms
19ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/4/9/3449032-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: 50060ad7b72b3cd970c9f03a701c633e5e8460569c68d6590dcdb9e0c364259e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:15:40 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 347
edge-cache-tag: 241661844952401606835960534853769604901,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag: 241661844952401606835960534853769604901,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 15430
x-request-id: 61208e93f4d0df1088b8dc58ed02be0e
x-served-by: cache-lga21951-LGA
last-modified: Sat, 31 Dec 2022 09:15:37 GMT
server: cloudinary
x-timer: S1672478140.075272,VS0,VE1
etag: "c1abc1a10cd7e30ce813ef8e24837909"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: tY2KN24KWsNrKSm77a3NQ1wWkIFrlbE-mZdeAOvVJoEDtFQ3npINqQ==
x-cache-hits: 1

GET
H2 200 3436670-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/3/6/ 10 KB
11 KB 22ms
21ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/3/6/3436670-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: 78196bff7fd7be4e477b880ed402e37cd9c08ebe91f95a69fc341e31297a6091

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 08:09:26 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 4321
edge-cache-tag: 203143127903966882171118620125331092107,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag: 203143127903966882171118620125331092107,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 10437
x-request-id: e5f8f07e988c10a75b8abf01ef214ade
x-served-by: cache-lga21982-LGA
last-modified: Sat, 31 Dec 2022 08:09:27 GMT
server: cloudinary
x-timer: S1672474162.043446,VS0,VE4649
etag: "ce6d63a15ee33385442dcc66e456fd38"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 9IRRx8N-d7W9JrT3KsG9L52C1Ko7plhsL1jvLDou-TfJiW9jnZfTVg==
x-cache-hits: 0

GET
H2 200 3477082-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/7/7/ 18 KB
18 KB 21ms
20ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/7/7/3477082-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: 648147a2595fe85ae6e0cf5e70d0703d1deb18c60c966e47c3a2e0f61fe9e8b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 07:54:22 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 5225
edge-cache-tag: 287209873648270859724322451963451019562,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag: 287209873648270859724322451963451019562,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 17942
x-request-id: 0135d64cc425c20aeef2f359152ee9b7
x-served-by: cache-iad-kjyo7100135-IAD
last-modified: Sat, 31 Dec 2022 07:54:23 GMT
server: cloudinary
x-timer: S1672473259.445931,VS0,VE3175
etag: "1eef55eda3f7cf188d9629fa2c2d23dc"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 1GASN0umvZF4c5vAD_jhknvI2XiKUWgf_1PLrKxsqy79bYNtaE58tw==
x-cache-hits: 0

GET
H2 200 3179120-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/7/9/ 3 KB
4 KB 22ms
21ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/1/7/9/3179120-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: d942218f1bf6e2ffaac8c63bc3e3d729fa187fe22836102fa1c6c4887c3a5e44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 14:00:28 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 69659
edge-cache-tag: 164532849367902147806800334309226438561,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 164532849367902147806800334309226438561,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 2944
x-served-by: cache-iad-kiad7000105-IAD
last-modified: Fri, 31 Dec 2021 14:00:26 GMT
server: cloudinary
x-timer: S1672408829.944698,VS0,VE1
etag: "c4e036d4b72455ef4ec38802163866db"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: toDCNlHmDG14v1mtUR-GtD1b9BlCr_QX6Ol0pK-0M2lpO391YcAUfg==
x-cache-hits: 1

GET
H2 200 3257856-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/5/7/ 1 KB
2 KB 22ms
21ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_100,t_53/3/2/5/7/3257856-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: ac3ec5feaadff6b9971d045b79a2bf36d5a7afd78c0c39a6a340a8cd5175f5e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 17:01:33 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 10685994
edge-cache-tag: 181324815173015367470310301508200870431,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
cache-tag: 181324815173015367470310301508200870431,126791851644153346182560705225699570347,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 1434
x-served-by: cache-iad-kiad7000029-IAD
last-modified: Tue, 28 Dec 2021 18:00:53 GMT
server: cloudinary
x-timer: S1661792494.700302,VS0,VE1
etag: "3f5e873602e4a3235e31ae90cabe2dea"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: r0XAQnYohtpgE1GqXeSsD_h6JgHJx0YxRTVtT15tR3gifvgIaX4Ebw==
x-cache-hits: 1

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 300ms
99ms Image
image/gif 3.214.69.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=OrbSsDPS6tuHtYWq&c=0.01&V=139&x=3rIF6M8vg190A&v=B&ml=m&sl=DAUSmv&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.69.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-69-6.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
201 B 292ms
91ms Image
image/gif 3.214.69.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=OrbSsDPS6tuHtYWq&c=0.01&V=139&x=muiIa2JehMYYw&v=B&ml=m&sl=BS6ZMJ&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.69.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-69-6.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame DD0E 372 KB
124 KB 32ms
16ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126857
x-xss-protection: 0
expires: Sat, 31 Dec 2022 09:21:27 GMT

GET
H2 200 446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js Show response
www.walla.co.il/public/ Frame DD0E 11 KB
4 KB 8ms
7ms Script
application/javascript 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e18c7f470c660da0fbb80b92916bd2f6d3b5c5c761d5dfa9008ab8fa3db1abc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:48:56 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"2d69-18562a62dc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: Qa5FhNCpN1znSPfnKEouayBPEU5Ot8Mi9rge2SDAWuKnBUPzUa6vug==
x-cached: MISS

GET
H2 200 330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js Show response
www.walla.co.il/public/ Frame DD0E 698 KB
188 KB 9ms
8ms Script
application/javascript 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e738c53ef449838876fe4764541af72c41a7a77123674f2df73d11872b8e2c87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:48:56 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"ae7fe-18562a62dc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: ehQ9vRtvO8X3bv_MMwC-RrPUq0o8wjnlwM3HwI5C4dD9hNK8a6SvgQ==
x-cached: MISS

GET
H2 200 player_dedd31ca649d0d1e7e30_dedd31ca649d0d1e7e30_walla.js Show response
www.walla.co.il/public/ Frame DD0E 30 KB
10 KB 8ms
8ms Script
application/javascript 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/player_dedd31ca649d0d1e7e30_dedd31ca649d0d1e7e30_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e88d0252b17c67a7272d2ef1c8b13481cd964a903996d7100e019b7dcf2117c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:48:56 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"768e-18562a62dc0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: Uvt_NzP2xXMQaQyhvOWL1YqtjekZM3Rr2feRXhvOZZiFUnEHtH6VOw==
x-cached: MISS

GET
H2 200 init.7171b9a4c8e511f032f0.js Show response
web-sdk.smartlook.com/es6/ 54 KB
16 KB 22ms
7ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/es6/init.7171b9a4c8e511f032f0.js

Requested by

Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

f000048e202ba3ed2a2d49bc09f11e77faa217ac28d71dd8b435f2ef6009cf5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 31 Dec 2022 09:21:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 850429
x-77-nzt: AcO1rgVtjgH//fkMAA
x-accel-expires: @1703164058
last-modified: Wed, 21 Dec 2022 12:31:30 GMT
server: CDN77-Turbo
etag: W/"63a2fca2-d8e6"
x-77-nzt-ray: 25b021312e10182517ffaf63ec2eee34
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable

GET
H2 403 bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 0
0 76ms
22ms Script
text/html 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-12-31
Requested by: Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 kahoona-idx-live.js Show response
d2r08ja41ypc0t.cloudfront.net/WALLA/ 18 KB
7 KB 46ms
7ms Script
application/javascript 2600:9000:2057:9400:4:1c73:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by: Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9400:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab0aa272129b8414307f03545286a8afb10195cdd7e095ab1bd686f5044894ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: XUMYA8aafEZUII4bjvNLB4prrBgXRwRQ
content-encoding: gzip
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
date: Fri, 30 Dec 2022 13:31:37 GMT
last-modified: Wed, 28 Dec 2022 13:25:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 71393
etag: W/"0901f4e054bf0ffdba40b1ae9c2e08b2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: fT60Ilp-wOOLpUxsUfWjrNFygzIRUw7d9ZW_AoYCprmGeiE1riuvMg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 83ms
40ms XHR
text/plain 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 62ms
20ms Script
text/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL6PRJM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 31 Dec 2022 08:27:20 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3247
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 31 Dec 2022 10:27:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
77 KB 107ms
66ms Script
application/javascript 2a00:1450:400d:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L30GH6X3WK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL6PRJM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

649eb0b21b190156a56c2d13a58fe6ba823512b8cdb2650ae83d55ff66bc3153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78987
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 31 Dec 2022 09:21:27 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 67ms
41ms XHR
text/plain 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1540366654&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABEAAAACAAI~&jid=1976422475&gjid=230273670&cid=1379669123.1672478488&tid=UA-4780630-1&_gid=382441059.1672478488&_r=1&gtm=2wgbu0T728TH&cd1=1379669123.1672478488&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd10=0&cd20=no&cd22=0&cd23=0&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=&cd116=0&z=1344331156

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 136ms
59ms Script
text/javascript 142.250.201.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.201.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16823
x-xss-protection: 0
server: cafe
etag: 6351308751113588399
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 31 Dec 2022 09:21:28 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 35ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 31 Dec 2022 09:21:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: aaru6UhXMODtfGSG3t/DDbtHVdNxOU+SIll2SjWc/Y5fNwPi7Gs2Jzx8dHo8ku4h/gCLYneLXxlnuOpD+hLpYA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
77 KB 70ms
50ms Script
application/javascript 2a00:1450:400d:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef956008c9c38c79681223fa4da81d9b69805c5bdc3b19fab47206d1eaefa71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78982
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 31 Dec 2022 09:21:27 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1245572/ 58 KB
18 KB 43ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 719cf83680e234cf16ce5c725840d858f8eb36cc755a442c9e9e27edc966e606

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 0CIkgJAN0K5zUaMu1XzFI1PZkny8VEl8
content-encoding: gzip
via: 1.1 varnish
date: Sat, 31 Dec 2022 09:21:27 GMT
x-amz-request-id: 0KQ3FC7C0J3NP3Q7
age: 91
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 18204
x-amz-id-2: tMq9aoP1xqZNscgSg5p3GtvqET8QQi++MdsaO3XOziClijGwA31gFPQnrnIZcAK9kB3goSGwql0=
x-served-by: cache-hhn-etou8220044-HHN
last-modified: Wed, 28 Dec 2022 12:21:58 GMT
server: AmazonS3
x-timer: S1672478488.978848,VS0,VE0
etag: "308db2d931837849393908c8a0ce5fd6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 87
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 5

GET
H/1.1 200
OK widget_iframe.644279d1635fd969e87af94a98bd232b.html Show response
platform.twitter.com/widgets/ Frame 6F66 320 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 812302
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Sat, 31 Dec 2022 09:21:27 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6762)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 78ms
8ms Image
image/gif 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Mon, 30 Jan 2023 09:21:28 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9869.VtbY8pnlcSMisqAmEgngTgCATidh1mcwDanEV0zVGq3ub74P0mi_Ag-_XXbIJQDM.QvOWegSncH_z_AZ0Soro18sTUKM%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9869.By8klIMXXUGuc28sVbD1XmswMoas9lBKoiwy8QyqwsKPytf99QVvpqM_ZzYNvIy82AQAqhXeQ_YfezsIYqRK5TiG74JXe3hwrMUHw7NCLBE%2C.RnDrIAL-yYTWs24p7anPAUac9AU%2C

75 B
75 B

54ms
54ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9869.By8klIMXXUGuc28sVbD1XmswMoas9lBKoiwy8QyqwsKPytf99QVvpqM_ZzYNvIy82AQAqhXeQ_YfezsIYqRK5TiG74JXe3hwrMUHw7NCLBE%2C.RnDrIAL-yYTWs24p7anPAUac9AU%2C

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9869.By8klIMXXUGuc28sVbD1XmswMoas9lBKoiwy8QyqwsKPytf99QVvpqM_ZzYNvIy82AQAqhXeQ_YfezsIYqRK5TiG74JXe3hwrMUHw7NCLBE%2C.RnDrIAL-yYTWs24p7anPAUac9AU%2C
date: Sat, 31 Dec 2022 09:21:28 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

400

sync_cookie_image_decide
mc.yandex.co.il/
Redirect Chain

https://mc.yandex.co.il/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.co.il&token=9869.ZERWQ12-ms3frFOD9ZUgC_0QhN_joySZ4ck6kkejXxWo3JXsejpinGnffVPk0W_5.k8FFqPXtcDIqKr9hYDgi5JsUhwY%2C
https://mc.yandex.co.il/sync_cookie_image_decide?token=9869.paMZ_BkgdTtvl3NOrrwWfSd0u4nL7Dwl-ww91vV1RrlApaib3jtPk9Hv4G2inUTR4z8wYHRyEo7HoiDY7mCN3S8JteOCQZ7sODnYFlFKciE%2C.fc3sJMrLs7B3ISmknNvQ3VzL1N...

75 B
75 B

52ms
52ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.co.il/sync_cookie_image_decide?token=9869.paMZ_BkgdTtvl3NOrrwWfSd0u4nL7Dwl-ww91vV1RrlApaib3jtPk9Hv4G2inUTR4z8wYHRyEo7HoiDY7mCN3S8JteOCQZ7sODnYFlFKciE%2C.fc3sJMrLs7B3ISmknNvQ3VzL1NQ%2C

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.co.il/sync_cookie_image_decide?token=9869.paMZ_BkgdTtvl3NOrrwWfSd0u4nL7Dwl-ww91vV1RrlApaib3jtPk9Hv4G2inUTR4z8wYHRyEo7HoiDY7mCN3S8JteOCQZ7sODnYFlFKciE%2C.fc3sJMrLs7B3ISmknNvQ3VzL1NQ%2C
date: Sat, 31 Dec 2022 09:21:28 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 3474627-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200/3/4/7/4/ 3 KB
4 KB 10ms
9ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_200/3/4/7/4/3474627-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: 956577cb1cd8ce2329b277b94b84245534c629dfc97e13082c19a6df18a99fe0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:49:43 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 178304
edge-cache-tag: 189731625322406006394598963561302440622,385029475625341910144138938533186147889,d2bce9e04f88d43dd8350e859c701704
cache-tag: 189731625322406006394598963561302440622,385029475625341910144138938533186147889,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 3517
x-request-id: 80f95207563836c0c6adab37cb4858f0
x-served-by: cache-iad-kjyo7100132-IAD
last-modified: Thu, 29 Dec 2022 07:49:44 GMT
server: cloudinary
x-timer: S1672300183.932805,VS0,VE389
etag: "8f3deabb514ace1d408f3015ac78faac"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: RKigFI8LDPwz9xpdUNJJMzENNugIGiyAKNeVyFEgDdlp4nYNmjcqpg==
x-cache-hits: 0

GET
H2 200 3474251-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_200/3/4/7/4/ 4 KB
5 KB 10ms
10ms Image
image/avif 143.204.215.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_200/3/4/7/4/3474251-46.jpeg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-94.fra53.r.cloudfront.net
Software: cloudinary /
Resource Hash: 261212f0afe198339163c027bbff7713059a4f0b781870a45f76bb233f16f8d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:49:43 GMT
via: 1.1 varnish, 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 178304
edge-cache-tag: 333299483654075933853144967700810213658,294469140922281122699657686388755206154,d2bce9e04f88d43dd8350e859c701704
cache-tag: 333299483654075933853144967700810213658,294469140922281122699657686388755206154,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 3871
x-request-id: 8093af5676fed036ef50ee116fbc2482
x-served-by: cache-lga21924-LGA
last-modified: Thu, 29 Dec 2022 07:49:44 GMT
server: cloudinary
x-timer: S1672300183.749603,VS0,VE489
etag: "189f2b09df0983251939e7d46bce3dd3"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 06OyXvg-haWjIczdP-_A61biYtZ-0xYIjvrpZRZis9zpQsdlH6AZOQ==
x-cache-hits: 0

GET
H2 200 play.svg
www.walla.co.il/public/assets/icons/ 359 B
717 B 8ms
8ms Image
image/svg+xml 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/play.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: daa21d896f1bb4d044779b10b38fd7793654c8b214908be7ae812dbff9f083d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:55 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80253
etag: W/"167-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 359
x-cached: MISS
x-amz-cf-id: 8IJle2dgn2wPmKZjmW0j9by6oWEA_2tSVKd-UdNGbyi_xErtj3nvTg==

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
135 B 51ms
51ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 30 Dec 2022 07:53:53 GMT
etag: "63ae6ee1-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 31 Dec 2022 10:21:28 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 65ms
19ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-4780630-1&cid=1379669123.1672478488&jid=1976422475&gjid=230273670&_gid=382441059.1672478488&_u=aEDAAEABEAAAACAAI~&z=969991663

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 31 Dec 2022 09:21:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 6F66 1 KB
734 B 152ms
118ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=694866fa2ea9feb2e4af2087dce09a56e39ed6bf

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.walla.co.il

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

10fc98318d2b1839f0d1783b5dc616cc96954174df0fd185f49a5a51d6b5e361

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 110
date: Sat, 31 Dec 2022 09:21:27 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Sat, 31 Dec 2022 09:21:28 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 361ea012825c077c
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: caa1435a57a62b5bb36d4d6873be0f3aadf3c9075aff0dd2f6e64b7376caf311
content-length: 413

GET
H2 200 logo.png
www.walla.co.il/public/assets/pikud/ 21 KB
22 KB 8ms
8ms Image
image/png 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/pikud/logo.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:54 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80254
etag: W/"558e-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 21902
x-cached: MISS
x-amz-cf-id: DvKFZZ3iHeGIgtLYoNLSPfH3ZaDHfQTz6ucMDR7YiWc4qbLt0T2E6w==

GET
H2

200

map-id
ledger.crowdad.io/
Redirect Chain

https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=a0e6259b-cc9b-43de-8a0a-18c200cd7064&adnxsUserId=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3Da0e6259b-cc9b-43de-8a0a-18c200cd7064%26adnxsUserId%3D%24UID
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=a0e6259b-cc9b-43de-8a0a-18c200cd7064&adnxsUserId=6142884088923626129

0
38 B

185ms
32ms

Image
text/plain

54.194.227.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=a0e6259b-cc9b-43de-8a0a-18c200cd7064&adnxsUserId=6142884088923626129
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Server: 54.194.227.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-227-63.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
content-length: 0

Redirect headers

Date: Sat, 31 Dec 2022 09:21:28 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 73270eaf-1b05-4ec9-97e7-c68618afe9de
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=a0e6259b-cc9b-43de-8a0a-18c200cd7064&adnxsUserId=6142884088923626129
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 handshakes Show response
khn.crowdad.io/ 0
105 B 105ms
34ms XHR
text/plain 54.220.80.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/handshakes
Requested by: Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.80.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-80-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Sat, 31 Dec 2022 09:21:28 GMT
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 handshakes
khn.crowdad.io/ Frame 0
0 151ms
30ms Preflight 54.220.80.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/handshakes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.80.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-80-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.walla.co.il
content-length: 0
date: Sat, 31 Dec 2022 09:21:28 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 112ms
49ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4780630-1&cid=1379669123.1672478488&jid=1976422475&_u=aEDAAEABEAAAACAAI~&z=1119127143

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 128ms
65ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4780630-1&cid=1379669123.1672478488&jid=1976422475&_u=aEDAAEABEAAAACAAI~&z=1119127143

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 2 KB
1 KB 189ms
135ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=0&rand=67410&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&umv=1&settings=true&recs=true&version=201010&sig=gBsVzksV&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1c069976a292c5fb4f7c6632272d5d02e22a12b450dde1f4f38748c5b1552663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sat, 31 Dec 2022 09:21:28 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, VIE, Europe1
x-timer: S1672478488.242062,VS0,VE120
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21944-LGA, cache-vie6379-VIE
x-traceid: edcaaed8f1c9a1122f8cee9756f5a225
accept-ranges: bytes
content-length: 1139
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 walla.json Show response
www.walla.co.il/public/player-config/ Frame DD0E 111 B
481 B 8ms
8ms Fetch
application/json 143.204.215.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/player-config/walla.json?cache=1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_dedd31ca649d0d1e7e30_dedd31ca649d0d1e7e30_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-15.fra53.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Famg01742-walla-wallanews-ono-2eohr.amagi.tv%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:03:53 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 10:46:16 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA53-C1
age: 80255
etag: W/"6f-18562a3bcc0"
x-cache: Hit from cloudfront
content-type: application/json; charset=UTF-8
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 111
x-cached: MISS
x-amz-cf-id: 7SIio9bKJKk9ER07uIJdgUBhhKhy4iLsQ_rz77SrOxOTuVqiU2_wLg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 42ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=2oebu0&_p=1540366654&cid=1379669123.1672478488&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672478488&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 16ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L30GH6X3WK&gtm=2oebu0&_p=1540366654&cid=1379669123.1672478488&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672478488&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L30GH6X3WK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1245572/trc/3/ 2 KB
1 KB 38ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1245572/trc/3/json?tim=1672478488272&data=%7B%22id%22%3A871%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1672478488266%2C%22cv%22%3A%2220221227-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drtbee-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1672478488271%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A9%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 02fab48cc88567b1aab6efa461c22dc4790581a147965d6f4727cdfc565ac707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms: 16
date: Sat, 31 Dec 2022 09:21:28 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220044-HHN
server: nginx
x-timer: S1672478488.289736,VS0,VE16
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 1616785908557850 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 21ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1616785908557850?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e42a10b214aa2c7f4bd656c7adcefd0bc37ca264d205c40e5a0537aa90d3149

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 31 Dec 2022 09:21:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86270
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: RBdiFTwZ9zoTtD9YGPfj93rR4edgF5gcQuBf47vsnOk0zitz1QxZOaVmECRWmAC+BjaxaryBxTQLcWVb25r72w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 2 KB
2 KB 46ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1672478488316&cv=9&fst=1672478488316&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec4ca76f86a024e5534a970e51f2d9786248d7437f049e6548616721a76e5a34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 981
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame DD0E 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
BLOB 206
Partial Content 9f40707d-c7df-44c9-9574-9ef87f9d6ead
https://www.walla.co.il/ Frame DD0E 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.walla.co.il/9f40707d-c7df-44c9-9574-9ef87f9d6ead
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 playlist.m3u8 Show response
amg01742-walla-wallanews-ono-2eohr.amagi.tv/ Frame DD0E 732 B
1 KB 78ms
11ms XHR
application/vnd.apple.mpegurl 99.86.4.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amg01742-walla-wallanews-ono-2eohr.amagi.tv/playlist.m3u8
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-83.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2da824787b226f8860272dc44169ce7ec8708e7737ed663a211c7a7ce64c426f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1
x-cache: Hit from cloudfront
content-length: 732
last-modified: Mon, 14 Nov 2022 11:38:03 GMT
server: AmazonS3
etag: "77ff7239dd2ac86596114ebb9b3d04e0"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=3
accept-ranges: bytes
x-amz-cf-id: ELmvYNHaDHQlLTycVqv5tB3mNqkNtqDF2VH8PGw4FoIabrSsMbIUsw==

GET
H3 200 bridge3.549.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 743A 693 KB
222 KB 9ms
9ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 490105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227324
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 17:13:03 GMT
expires: Mon, 25 Dec 2023 17:13:03 GMT
last-modified: Fri, 09 Dec 2022 15:29:50 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame DD0E 44 KB
17 KB 163ms
64ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 09:21:28 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame DD0E 107 B
549 B 45ms
17ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 170717926997655 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 13ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/170717926997655?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

92d830ba3e0fbea801ca68df5a2591abf9e2956b81335c040361aa493efdd5c1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 31 Dec 2022 09:21:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86210
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 7IbOaggDMX2zm7lI9+pIuTJsWbjVXzu+pC0GuA9Cg3tZwQ+7C6eZcYKJQa1nyYmlIsM6bEpbPr98KUyED0L5UA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 43ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1672478488406&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.2.1672478488405.1939708103&it=1672478488279&coo=false&rqm=GET

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 31 Dec 2022 09:21:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 200 init
hb-dot-valuad.appspot.com/ Frame 0
0 235ms
139ms Preflight
text/html 2a00:1450:400d:804::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:804::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-request-id,x-vad-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sat, 31 Dec 2022 09:21:28 GMT
server: Google Frontend
x-cloud-trace-context: cfbfd1d439d7a8ce18a211196be4baaf
x-request-id: undefined

POST
H3 200 init Show response
hb-dot-valuad.appspot.com/ 38 B
87 B 692ms
650ms Fetch
application/json 2a00:1450:400d:804::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:804::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type: application/json
Accept: application/json
Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-request-id: 38ddeb62-8261-4837-9560-b7568a8598bc
x-vad-version: 0.9.13

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
server: Google Frontend
etag: W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
x-cloud-trace-context: a695f8fd9db6f825439619f55bf36f39
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64
x-request-id: undefined

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 43ms
16ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221231

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2748364a1e1b0431dc18922af57c9e8c517869f522aff14de893b7fcc8328ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19240
x-jsd-version: 1.0.1572
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230021-FRA, cache-yyz4571-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"66b-bfk4lOFUJbbjbBtsrLjlmYp0ljE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edegAfUTq%2Ft2Bn0QQnz68jU%2FmyR3JQztnzVu44kdwzgvFHBbtUhTFf0wR5tTbe3vIXQ2qTpjEq4yoWI9V4gCRnGp6aZwduXoGH5sUaB63y2Iy30fX2gpM1G1PoHJu7yCbpcabnM8nzRvkvqF1iY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7821f1f8e96c9030-FRA

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1 KB 50ms
18ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 09:21:28 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 579016
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2B3Yxe36EaKGCVughshajvI55d8n9T78dbZdiSo7o1x6h1n1q6BnNAQ%2B77FAlpZwrTGpH7o7vbT1R%2FsW%2FXZWLCbD6z6L3bHdfIJFlgxWdhNe9n%2F%2Fwx0gZ6jx3GbMteQ32NVw3X%2FcZTxC803%2B"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7821f1f8e9eebbad-FRA

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
507 B 291ms
240ms XHR
application/json 35.158.173.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.173.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
accept-ch: sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 416 B
750 B 221ms
123ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=a722a2cc-ae6d-425d-a9f4-335f2fa18ec1&l_pb_bid_id=894565a1e1e8bf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.6721505997716579
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9c22f16411371476f6865eee4d0a90a1d0a5737ceb7a88ebb2ba1cc421ce2620

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 416
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 402 B
961 B 158ms
60ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=cd67f7f6-f65e-43b5-872d-445276f6396f&l_pb_bid_id=9a5f03177d961c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.45763159358490846
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4a0320989a133f1fd6498afd814b432025f333114c751d6c8c64220fc7efb0a5

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 402
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 398 B
732 B 182ms
85ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&tk_flint=pbjs_lite_v6.29.3&x_source.tid=5f7047c3-f58a-48f8-8b3d-e3e7de526ea8&l_pb_bid_id=1013fbe444bb2fa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fshopping_rectangle&slots=1&rand=0.5637760504152691
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f1c33dfbaf65affca98e7bce878ec2e3d2e702be206ef6fdc801d504d1efd4ab

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 398
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 409 B
742 B 193ms
96ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=a6f3185c-b5d5-42ad-bc6e-469ab990fc1d&l_pb_bid_id=113afe5919ebae5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fsport_small_rectangle_desktop&slots=1&rand=0.7088090553880355
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7ff61c25d8800b0bcbbb9cc6e18d9d6fa553e4e30692f8fceb3e0f68db75d4e9

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 409
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 126ms
44ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Sat, 31 Dec 2022 09:21:28 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content / Show response
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 0
145 B 75ms
14ms XHR
text/plain 213.227.153.221
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce14.ams-01.nl.leaseweb.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Connection: keep-alive
Access-Control-Allow-Origin: https://www.walla.co.il
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
8 KB 203ms
202ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

9dddfaf9b598ff555f8915da7687bdb80c60a8e45f8713dea75a7363bb4d1860

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 31 Dec 2022 09:21:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b42fa403-745f-4722-8298-c27a63531b9b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
562 B 350ms
91ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 354ms
95ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 398ms
139ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 353ms
95ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:27 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 arj Show response
u.openx.net/w/1.0/ 73 B
378 B 43ms
19ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.walla.co.il%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a722a2cc-ae6d-425d-a9f4-335f2fa18ec1%2Ccd67f7f6-f65e-43b5-872d-445276f6396f%2C5f7047c3-f58a-48f8-8b3d-e3e7de526ea8%2Ca6f3185c-b5d5-42ad-bc6e-469ab990fc1d&nocache=1672478488465&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=120x600%2C160x600%7C300x250%7C300x250%7C300x250&divids=adSlot-2%2CadSlot-4%2CadSlot-5%2CadSlot-6&aucs=43010785%252Fwallanews%252Fmain%252Fskyscraper_desktop%2C43010785%252Fwallanews%252Fmain%252Fyad2_rectangle_desktop%2C43010785%252Fwallanews%252Fmain%252Fshopping_rectangle%2C43010785%252Fwallanews%252Fmain%252Fsport_small_rectangle_desktop&auid=544104782%2C544104782%2C544104782%2C544104782
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 6a8f81b62b6202e7f386d17bc7261dbb816dcd238d735e18b9a60b0d78616cd8

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.walla.co.il
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
309 B 66ms
33ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7821f1f9191f927d-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 71ms
38ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7821f1f91922927d-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 66ms
33ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7821f1f91925927d-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 74ms
42ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7821f1f91926927d-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 892 B
1 KB 92ms
41ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F&PublisherDomain=walla.co.il

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

69f0d5cd348f22cdca75b7620891b9d574f37ae00ddd81c95ead46944c795ab5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 25
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 892
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 471 B
1 KB 48ms
18ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

7d190ebafe0d7aad3d40a2c1688200be9a662ba0ab93c5100f75540be0d6e814

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 31 Dec 2022 09:21:28 GMT
AN-X-Request-Uuid: 0da4c138-3543-497b-9403-ae57319c45eb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 471
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
313 B 55ms
24ms XHR
application/json 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=44886879240

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 39ms
8ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
513 B 64ms
30ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d15aa6c9eddff45637c86819bd74f95ef49ffb18e844c7afb7bc348563102507

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Sat, 31 Dec 2022 09:21:28 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Seats Booster. unable to get the seat booster engine for organization: 1241
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7821f1f92ed79174-FRA
expires: 0

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 105 B
406 B 359ms
95ms XHR
application/json 3.224.73.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.73.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-73-247.compute-1.amazonaws.com
Software: /
Resource Hash: 3a174f1ffeeae9a0f5385dc69704cd77397fd7f5675e932cca35483b149a5855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
x-reason: maxmind anonymous
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.walla.co.il
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 67ms
17ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
23 KB 475ms
475ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3720060284199408&correlator=4148444170399496&eid=31070872%2C31071257%2C44777900%2C44780197&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cnickbar_desktop%2Ctop_desktop%2Cpremium_rectangle1_desktop%2Cdontmiss_strip_desktop%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18&prev_iu_szs=1200x40%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C300x200%2C320x50%7C865x190%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&fluid=0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&adks=1750305995%2C885339185%2C2822717126%2C3185403616%2C581680297%2C3350566118%2C627877340%2C4035892786%2C2413266993%2C3423946703%2C941261747%2C3384287594%2C2655517678%2C199863102%2C41169729%2C2603141497&didk=1193244743~1193244742~1193245112~1193245116~1193245119~1193245118~2997460807~2997460804~2997460805~2997460802~2997460803~2997460800~2997460801~2997460814~2997460815~2997460812&sfv=1-0-40&ists=4095&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm2_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm4_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm5_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm6_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm7_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm8_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm9_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm10_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm11_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm12_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1672478488493&lmt=1672478488&dlt=1672478486886&idt=219&adxs=200%2C920%2C200%2C535%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800&adys=1200%2C20%2C1232%2C3578%2C12088%2C12088%2C12088%2C12088%2C12088%2C12088%2C12088%2C12088%2C12088%2C12088%2C12088%2C12088&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x-1%7C1200x0%7C300x0%7C864x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&msz=1200x-1%7C480x0%7C300x0%7C865x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=644%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132&ohw=0%2C1200%2C300%2C864%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1379669123.1672478488&ga_sid=1672478489&ga_hid=1540366654&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4aa47030e8f8c01138c4a32375f694e2aa43a58a23598c4c928bfb13db436c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23151
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-2,38340105,38284305,38363625,-2,-2,-2,-2,-2,-2,-2,38240625,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-2,68907848985,68907848985,68907848985,-2,-2,-2,-2,-2,-2,-2,68907848985,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2EDB 6 KB
3 KB 102ms
16ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:28 GMT
expires: Sun, 31 Dec 2023 09:21:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 0b9884d5-2a47-45ce-a437-d541dd3dded9
https://www.walla.co.il/ Frame DD0E 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.walla.co.il/0b9884d5-2a47-45ce-a437-d541dd3dded9
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 443343d25e80e7e80b0ed2f16bb6aeab2fa933b1ec58470234ef3505eb56e73e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 5872
Content-Type: application/javascript

GET
BLOB 200
OK 0a0f41c0-294c-4143-8702-e0a4a2cf3b7f
https://www.walla.co.il/ Frame DD0E 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.walla.co.il/0a0f41c0-294c-4143-8702-e0a4a2cf3b7f
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35dc98d4d5d230542ea1fbbef4e1632155545e01ffbe261346e0254a8620100c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 80351
Content-Type: application/javascript

GET
BLOB 200
OK a382bd90-6549-40e8-8b1f-5328cbd38acd
https://www.walla.co.il/ Frame DD0E 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.walla.co.il/a382bd90-6549-40e8-8b1f-5328cbd38acd
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35dc98d4d5d230542ea1fbbef4e1632155545e01ffbe261346e0254a8620100c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 80351
Content-Type: application/javascript

GET
H2 200 playlist360p.m3u8 Show response
amg01742-walla-wallanews-ono-2eohr.amagi.tv/ Frame DD0E 528 B
991 B 8ms
8ms XHR
application/vnd.apple.mpegurl 99.86.4.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amg01742-walla-wallanews-ono-2eohr.amagi.tv/playlist360p.m3u8
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/330_953ff1f1c06d4fe6a383_953ff1f1c06d4fe6a383_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-83.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c8aac621b352fd127a70c8516cfd8c38b185718e3ca64c20fc7984f02d1ff87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1
x-cache: Hit from cloudfront
content-length: 528
last-modified: Sat, 31 Dec 2022 09:21:27 GMT
server: AmazonS3
etag: "1a0883f0b680ba7942d6885425899bb0"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=3
accept-ranges: bytes
x-amz-cf-id: VzeceinfdgTa95YV1OYaWP7LMliByK0jCp4sT-6AGwcPXUPy0sJlZg==

GET
H3 200 /
www.google.com/pagead/1p-user-list/964224610/ 42 B
64 B 91ms
48ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/964224610/?random=1672478488316&cv=9&fst=1672477200000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=4287840466&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/964224610/ 42 B
64 B 94ms
49ms Image
image/gif 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/964224610/?random=1672478488316&cv=9&fst=1672477200000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&fmt=3&is_vtc=1&random=4287840466&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 4 B
332 B 388ms
88ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=c35db5c3006ebd0c4c07b1dc46f41a13_1769_1672478488312&tm=691&eT=6&wRV=201010&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 31 Dec 2022 09:21:28 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: 7fd396f3e8c819d6941b73c342263aa9
Content-Length: 4
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 34 KB
11 KB 388ms
388ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=1&rand=68888&key=NANOWDGT01&widgetJSId=HPP&va=true&et=true&format=html&t=YzM1ZGI1YzMwMDZlYmQwYzRjMDdiMWRjNDZmNDFhMTM=&adblck=false&abwl=false&px=209&py=1247&vpd=47&cw=282&activeTab=true&darkMode=false&ab=0&wl=0&umv=1&settings=true&recs=true&version=201010&sig=gBsVzksV&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e5704167490527c280a472f67b7b666d1f89ba2207c948c8dc6c14ec8fe18d65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, VIE, Europe1
x-timer: S1672478489.671081,VS0,VE369
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21974-LGA, cache-vie6379-VIE
x-traceid: ba05374cc2c6d3f91ecdd62689ce25be
accept-ranges: bytes
content-length: 10671
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 25ms
12ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1672478488694&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.2.1672478488405.1939708103&it=1672478488279&coo=false&rqm=GET

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 31 Dec 2022 09:21:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2

200

1 Show response
mc.yandex.com/watch/91804681/
Redirect Chain

https://mc.yandex.com/watch/91804681?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A321%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3...
https://mc.yandex.com/watch/91804681/1?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A321%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...

435 B
548 B

55ms
54ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/91804681/1?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A321%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A249590984476%3Ahid%3A1062254245%3Az%3A0%3Ai%3A20221231092127%3Aet%3A1672478488%3Ac%3A1%3Arn%3A336045894%3Arqn%3A1%3Au%3A1672478488852330163%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C22%2C18%2C22%2C31%2C0%2C%2C329%2C0%2C%2C%2C%2C423%3Aco%3A0%3Acpf%3A1%3Ans%3A1672478486811%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672478489%3At%3A%D7%95%D7%95%D7%90%D7%9C%D7%94%21%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

57ad9a8bd69d449617264082a1148dd0e3b2075a52682db9c81b552eae75dec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 31-Dec-2022 09:21:28 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Sat, 31-Dec-2022 09:21:28 GMT

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 31-Dec-2022 09:21:28 GMT
location: /watch/91804681/1?wmode=7&page-url=https%3A%2F%2Fwww.walla.co.il%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A321%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A249590984476%3Ahid%3A1062254245%3Az%3A0%3Ai%3A20221231092127%3Aet%3A1672478488%3Ac%3A1%3Arn%3A336045894%3Arqn%3A1%3Au%3A1672478488852330163%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C22%2C18%2C22%2C31%2C0%2C%2C329%2C0%2C%2C%2C%2C423%3Aco%3A0%3Acpf%3A1%3Ans%3A1672478486811%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672478489%3At%3A%D7%95%D7%95%D7%90%D7%9C%D7%94%21%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://www.walla.co.il
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 31-Dec-2022 09:21:28 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
24 KB 37ms
20ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 09:21:28 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: JBHWPR81NHF9BXZ1
Age: 689551
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: DI0KBwd4u2M+75QTE3RwFbepRUb8bJekC1QEmTpo8MwNIJJsrwKsWQ6JQYsqJErGq+zigCFoQAQ=
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9OAUhDIxq58NHS1hF3m7ENwb8pfNxNLb3bhLInSCJDwzm7Q31A%2BCoXcNGbhfuRoxwQO9dxevdDQVWR39s8H7mAsxw4gc%2FZomv74dMrE2qldT%2BdONn8ANd6h0IvsEGGadNZvQggbShTQbah4"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY: 7821f1fa99b4bbc8-FRA

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 743A 50 KB
10 KB 311ms
284ms XHR
text/xml 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=43010785%2Fwallanews%2Fmain%2Fpre_desktop&sz=635x360%7C640x480%7C640x480%7C640x360%7C635x360&url=https%3A%2F%2Fwww.walla.co.il%2F&description_url=https%3A%2F%2Fwww.walla.co.il%2F&cust_params=app_name%3Dfalse%26providerId%3D0%26item_id%3D0%26vertical_id%3D173%26vertical_name%3D%D7%95%D7%95%D7%90%D7%9C%D7%94%26category_id%3D0%26item_type%3D%26exclusive%3Dnot%26login%3Dno%26isMobileApp%3Dfalse&output=xml_vmap1&vpi=1&gdfp_req=1&env=vp&unviewed_position_start=1&vpa=click&vpmute=1&sdkv=h.3.549.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=3763514115&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2Fbbed3621-9067-421d-9445-5f71b3d890f9&sid=B9380A8A-8149-4337-9CC2-F9DB07B62756&nel=0&eid=44748969%2C44750822%2C44752711%2C44765701%2C44777647&ref=https%3A%2F%2Fwww.walla.co.il%2F&top=https%3A%2F%2Fwww.walla.co.il%2F&loc=https%3A%2F%2Fwww.walla.co.il%2Fpublic%2Fplayer.html%3Fautoplay%3Dtrue%26imaAdUnit%3D43010785%252Fwallanews%252Fmain%252Fpre_desktop%26imaKeyValues%3D%257B%2522app_name%2522%253Afalse%252C%2522providerId%2522%253A0%252C%2522item_id%2522%253A0%252C%2522vertical_id%2522%253A173%252C%2522vertical_name%2522%253A%2522%25D7%2595%25D7%2595%25D7%2590%25D7%259C%25D7%2594%2522%252C%2522category_id%2522%253A0%252C%2522item_type%2522%253A%2522%2522%252C%2522exclusive%2522%253A%2522not%2522%252C%2522login%2522%253A%2522no%2522%252C%2522isMobileApp%2522%253Afalse%257D%26muted%3Dtrue%26player%3Dwalla%26stream%3Dhttps%253A%252F%252Famg01742-walla-wallanews-ono-2eohr.amagi.tv%252Fplaylist.m3u8%26url%3Dhttps%253A%252F%252Fwww.walla.co.il%252F&dlt=1672478487861&idt=825&dt=1672478488747&cookie_enabled=1&correlator=2027109132474516&scor=275437435891599&ged=ve4_td1_tt0_pd1_la1000_er2821.790.2821.790_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

088553e6953d6b09ea7ce2fdec75301b2c1bbd4561c149e79802a1246794a83b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10088
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9869.eeK0sOc_XRJnXDZqwBEclPOAktTj5ITKhIQyAcgcqzlR8u899xIGsgBRwepsr78z.xnKxP-ZKYtOkEV9fhnM7oW9k5h8%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9869.SLRrHowRDzz71lJ0Cih1fI8dD95HEqAl3sFXK8Ql2KUuMofg5X1-wjyWCyXasZGvRLlvEnnIB5wW9XzJKz4Z9wmouq_yYp0vbJudOlM-1M8%2C.D_AZou9pEAgHWx9KiJ...

43 B
103 B

89ms
87ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9869.SLRrHowRDzz71lJ0Cih1fI8dD95HEqAl3sFXK8Ql2KUuMofg5X1-wjyWCyXasZGvRLlvEnnIB5wW9XzJKz4Z9wmouq_yYp0vbJudOlM-1M8%2C.D_AZou9pEAgHWx9KiJ7HQ5WIVR4%2C

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9869.SLRrHowRDzz71lJ0Cih1fI8dD95HEqAl3sFXK8Ql2KUuMofg5X1-wjyWCyXasZGvRLlvEnnIB5wW9XzJKz4Z9wmouq_yYp0vbJudOlM-1M8%2C.D_AZou9pEAgHWx9KiJ7HQ5WIVR4%2C
date: Sat, 31 Dec 2022 09:21:28 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.co.il/
Redirect Chain

https://mc.yandex.co.il/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.co.il&token=9869.IRrglyGDRAGgtOuOzR9mRCUa8M14dswKo3Q8Ow_FdPocrHUBV69RLJVEICHWkFyU.mIk-yN3k6wBf_OJDv97c0kQmI8w%2C
https://mc.yandex.co.il/sync_cookie_image_decide_secondary?token=9869.KsU6v8M3_JssKwoOu5sseQCnomZ0JCSD3iS2DEoUYttdRTbFZ5ORu8VdonamE7Lj6-mx4DkVtvHYISZBEJd5w7IQ7Q7y6HS-ZkUGHzLlXmo%2C.lB1l9c9CwuFmkqzP...

43 B
103 B

50ms
49ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.co.il/sync_cookie_image_decide_secondary?token=9869.KsU6v8M3_JssKwoOu5sseQCnomZ0JCSD3iS2DEoUYttdRTbFZ5ORu8VdonamE7Lj6-mx4DkVtvHYISZBEJd5w7IQ7Q7y6HS-ZkUGHzLlXmo%2C.lB1l9c9CwuFmkqzPRvN4qH8eKXs%2C

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.co.il/sync_cookie_image_decide_secondary?token=9869.KsU6v8M3_JssKwoOu5sseQCnomZ0JCSD3iS2DEoUYttdRTbFZ5ORu8VdonamE7Lj6-mx4DkVtvHYISZBEJd5w7IQ7Q7y6HS-ZkUGHzLlXmo%2C.lB1l9c9CwuFmkqzPRvN4qH8eKXs%2C
date: Sat, 31 Dec 2022 09:21:28 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

OPTIONS
H3 200 analytics
hb-dot-valuad.appspot.com/ Frame 0
0 182ms
139ms Preflight
text/html 2a00:1450:400d:804::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:804::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-request-id,x-vad-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sat, 31 Dec 2022 09:21:28 GMT
server: Google Frontend
x-cloud-trace-context: f2feef4ca9222b9ca7caca9cfabd7ae2
x-request-id: undefined

POST
H3 200 analytics Show response
hb-dot-valuad.appspot.com/ 16 B
35 B 177ms
176ms Fetch
application/json 2a00:1450:400d:804::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:804::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type: application/json
Accept: application/json
Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-request-id: abf37d60-972b-4ff4-9959-74642b3d9d7d
x-vad-version: 0.9.13

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
server: Google Frontend
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
x-cloud-trace-context: 43f4b0c55e4ace8ae636081d5639715b
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16
x-request-id: undefined

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 36ms
17ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 191 KB
60 KB 533ms
531ms XHR
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3720060284199408&correlator=733766577671624&eid=31070872%2C31071257%2C44777900%2C44780197&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Cyad2_rectangle_desktop%2Cshopping_rectangle%2Csport_small_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6&prev_iu_szs=120x600%7C160x600%2C320x50%7C300x400%2C320x50%7C300x250%7C300x260%2C320x50%7C300x250&fluid=0%2Cheight%2Cheight%2Cheight&ifi=17&adks=2273020712%2C1194681899%2C1073900268%2C2033830820&didk=1193245113~1193245115~1193245114~1193245117&sfv=1-0-40&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.12%26vad_adid%3D749fa6c2ee9ec2c%7Cslot_name%3Dshopping_rectangle%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dsport_small_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1672478488889&lmt=1672478488&dlt=1672478486886&idt=219&adxs=1480%2C200%2C200%2C200&adys=290%2C1272%2C1292%2C1312&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C16%7C17%7C18&ucis=h%7Ci%7Cj%7Ck&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=0x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C300x0%7C300x0%7C300x0&fws=132%2C132%2C132%2C132&ohw=0%2C300%2C300%2C300&ga_vid=1379669123.1672478488&ga_sid=1672478489&ga_hid=1540366654&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63708a7e4441c1c274af41bf405e4f4b75400ea144fad5454422e4123d3e7177

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL2a6_HDo_wCFULP3godXUQGwQ&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL2a6_HDo_wCFULP3godXUQGwQ&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
date: Sat, 31 Dec 2022 09:21:29 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61242
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame ACC0 0
15 B 29ms
29ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.walla.co.il
Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:28 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 container.html Show response
f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F74A 6 KB
3 KB 26ms
9ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:28 GMT
expires: Sun, 31 Dec 2023 09:21:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 436B 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:28 GMT
expires: Sun, 31 Dec 2023 09:21:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE31 6 KB
3 KB 9ms
9ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:28 GMT
expires: Sun, 31 Dec 2023 09:21:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8D25 6 KB
3 KB 10ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:28 GMT
expires: Sun, 31 Dec 2023 09:21:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 58B3 6 KB
3 KB 10ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:28 GMT
expires: Sun, 31 Dec 2023 09:21:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E1F6 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:28 GMT
expires: Sun, 31 Dec 2023 09:21:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5068 624 B
242 B 65ms
47ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNr43YsDEIDoto0DGOrslN0BMAE&v=APEucNWfOf0dYgHvwE2DkrKdi4abGJKGUz8SCXhHmDlpULc0fIMdnsD4GYfxJvnopcZiuumzWPyTYmQCPri0YKeE6zO0BE2MyjAikiejosnC538vYl9W8r4pxM4LAKgLN6KESou4-7OgLX9Zo5aiUruBZZCe423HRv7LuVtbNaPvU3JKNCA_vPc

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F74A 79 KB
33 KB 56ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYwD7v8da5PhXtcft3myjAOkkk-s0chpoNb1PxOsSrD3fSBZ_toCdwoZY63wZ7t5yYl3XaZDLaN2Nd555atifuye9PXg&cry=1&dbm_d=AKAmf-Cv4otOOlvNzvIwjdByqq5pFc1cfyZd7pOQ2JdmVhocZoVCF3lyi3NZwG56CJpdUMQhhckP2aD9_v4fwQhRpeAtsqtzfcLQrrbASlUWuuyy4zTQYVb2JkqFR2ObuyzgfZft49wEN1veAi6Au-swED7sR3r_cUuqCRBF_IGSbq9Q2YWLvOVwtduiy3fF2d9QZP-I__GkC567iCmOgJBpcYEyzO7mpDI4aApC8ab7zEWFEcyne3symc4QzBGZ3da5rnFIC9_QIdokvojYH8IAop5qV6Gjp0LR7cAofnxW-9vfGGkZT9sBHfVpbyPvtYAMmVtbVcaE4mFF4ZGi1l2PmSELvgEcp37qFDPO_1ZYzBh6s3zPg953LNRngnkca5SqnuaJPIG6Xw5XV5PjsYwIvMDZVAtnnCCYruNpcDtBEkV20baXMqK_wIh0In4dIggb7s8Vxi78z4Wst4gHtBvPbRHcLve6JKrSRaDtMpByjrvIj4tmnrm_qXIU_3j-cPME6qlGjj0cugEF-7Q4Uc5-LX6ZsDFNjpH2GeoF-dNFPlCSGFPnxSqxAdNrVAC264n4abKGKaIw4PbwhjH8BuOCS8gzqH-x6Hm66FUIyFrDhCJ7wQUIM7qk5_gFZqm4Cjjyx1fAQsVRWHGtss1oyAOLr1of77rCsmqSA3pFuuCVps_S5DvmjSD_3VftI59DPwikjxMg_6K5B1Bn-b7YdNMlKtqAPHp4l9a9ueJBJQFqEFx-bLj8nstNHvbLWEjQUb2JD_k0FvRLbEEKpsTbFzuOcmzR3Fmln8rN4zA250gVwRVVDQUntOCFqmSJYqvuhnZtHS2z0a7QZvkopOHOiR0QlKHCn2zCOl604j1JsBwcGUQugvnDFzyRh2nAY3SFY3SXidgdgVXumRuwmsYhHunVDUP6nBFigaEamghUQsEuRcJViQomd78XycmX9HJEbkq5HsDqqnelISgSei7GmQdlamdSxTHfNpNhshORI8MFp6swp0hvVonx-Py7yRmyeGx58cTV9OtIcHXcbDt-Ng_9XsX5RsCuFVQ9FLhcsRi1GOgjOfV3qzfUW0P3YDc2LC29hSNs1bOJ7IZjvezYXSmULYt3cQICb5vPXuwr9DyPB_QiAEvMjRXlDmZS8TFbfw74tSpK0dAaI0xgsYWXPHSrGbAHSbHyQcAlZQrbIUFuN-Qx9GOjZNpZnco3mEbGEUh_vTJnV0VuzWoy0DXzdybVLqMl5e0d72m9Nu37znU7smhHjA7lFwf1UMya7U_P3qTi9fCWPI-tgtCI3U8XbaPnPw-wI0tevQo4DZMIjeHFwCpEkGX4M2JvIxCdm2d55IDcmpLYVidM3kYYuipAXNN2brRhSHELEM2oZrRTw3rRQSNg4LKHqu0OQzFuS0LKUGcx3T_WPpHcQb5emIBSu4ScZsFyHuxWJyrytMYe3lYHhUCdW0AHMA7e1-ghOM7iWreOKQogKs1aH4K7ZZWW9FSZXpYhI7SMJhy3qk5pBVvNJcql_Y3GGrz4iJiG0lzkcQeY-NncFb0BSL62JUb5FfFrS1NyqhVjO3OoTfs4n97QZTHj2k0M5_gn1KCgmcVCn8-p0OEu2VVeXYGsm0RPICK7UOPzeda6KNJlUvynJJOY9DQcMcZbA0Nn9y2oONGJ8LJAzPLBG4x5TrBTiFRk3RM4PXvUje1R88DFmAz3XJA7EveVgOU3RCG3L5EEVN0StqlLy40owJa2eq1y0ojv-ZZKoo7hbDHDsb4YckppSQtLudwiQp3ugljeZZsrSdxgFHhUiW2bHntk7LyZOo637M_PO4f51cU8fsS6F8qyy7hUo2jNKl07wrvkDNYWKeDQpjClfn12gTUQ_Lpyz6Rv44eio6QibFqTdO-SD-baSnFbbReGqE5zOnkT0cTDel73LzGq50cpLVdqzdonr5h4CWX_kGSdj2avwp8_ELJrC1kFOq56iJPWtmlfkSR_xbcilpMttKlqpfg1CN2odT5ZfCMkqyDGayuViX9Of09vWVBNApTlFqxSdIOeGsK5cm6jB0sSSSriJkoCFINz8u19-ts-sof_PFBVoKcYIi2SoGgvqC1yljSVq3W1I48mzQ_slbVFYudXRyjPGdZaWljFBb_NPjaTFTI4dKklB3hHlQbgpuRiUjxZdeaUBZgPTh_4_HHJIkH-SidYDdM3TuHuBG7Ql5LMFibSJqeY_lW-cKfLhNcBCVdIBko4KOwUIb6PKmImYGCRpx_ep9XZJmUdkWoKqx01wMAj1fYLW0qtgtcK3U_-A6oYyQCLAcpRWMaLFc77kKA5Jth46_CqOpRb9X89e95KKz5Wb49hnW2RuaNTI1wHTYWc8psP88djwcqXAiRJQusjSIISNl2Tfpx_1ZKu5iMBqdJBsFLBeBkS4uJ-O0ec6EBDpjn7z0Qe64rEbibIxA3zCDo_-cmDCjxaK5VibkwescLNyz-fuKkhnAdcs9--JLwTOR4lOtMIWXpwqPG2-Ckgeyn-ZcTQ2vpqkuM3mE6YsIpNJ5qMs0UXMSg4Z0Dnm1aFHNYVPoXVN1rAxZtneN9x6BfJ8IqkmXElqnM2-dzeKUoBlyAPvInXEzqkpPoFlxCvFRbJEhwjPbJUJCwcceTsv1kVLdbdjXQIZgbR54Qv4qwl_-7ADxruRjxLw_Wue6VHCQw9i1HEYzxde0Jo9WkauizZhca3eVBy1WE4A6Q4h7a0whqnhomhHN9KRnqge3PNKUgMlRu1cy-cV3CsDaDK9VBhoZvqH2294Xvvc0Ox7JvlCWN-VMIUwzOBurRMNMTDlyXwwprxiies6-hI4J9WtvqjKmC-52FWsYkjDFe9GkLFhwc3QrfdHoJIe1oDR6swblhj6A9klAlH8ddObF7SjuwG7Pyjwh6Nv37YXgO-mRPk7O-O5FpjFdKxErqYlS8ZdHdGisYUE4mKaX3wT0ixi8rFTQ2JZifvqCFY5cju32rL_Obk7Es2-kpDAsmY86Rtp1oGe2BI9iPPhuoBzZKR1xP_c4l17915UFwmf2yWRC3P-3vXM2UjxsyyKBhNhAZzKBrfILaE28NxqyHi88HPg88LsY7W4RmpA85kdM-nx5Vv_dZE6SaLEA9vHE3ZFTH9YvUn9G4XOkb3J6ad4V3O5pMgO8IiwSKXXr-Kq_-qyQNd9PQCVC9inVzJY8U87gq1BRhDOgQ7-NK9BD2s6kU_Up1ZeomXmdm7sigrQjepHilIzJSIRkw54HVDNNMj_mBlRrP4lzZM4-txzuqLVQ3PzCnfl-DV4Vyye4yRgoZYHqsaS9MhJaLy3OFcqjFsTkI1QJR5ERK0rvZwBwxDwPKegEaDFg6T0oZR0mw_AjnxGuIhFPz3NQmOgpEC4nTQS2lRge0&cid=CAQSPADq26N94g0XqHU-yu5B0gCS9WHy4aekD5nsV-huSsLAMM6p7NdBs3QdDZsnhUSzGKr9ZlBrf-ILEinQBxgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8cd702258657d3bc78b5f982262a5c39a63d325788f2b939c36da87866f77fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34234
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F74A 42 B
173 B 113ms
51ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3ElxSS0-OLuRrySn3xKmWvimnk6weQ1HSbZ-p-4bZ2QHwDXWEz-7I1Og-MvxkBQjvxuMTEg_JCN5Dw8ElLWiiAqpQIo4ip9oinre2mWUi57yC9CA

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F74A 3 KB
1 KB 46ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:29:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 19:29:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F74A 18 KB
8 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:30:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 11:30:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F74A 0
0 47ms
46ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTt9C0geNI2i7whceFLv6sjIdvtXlI-FV9oPaRHaKtBFsShke2h9Jn6f89AFgwubdVKv583_L8Rj-zflxLFyKXDro6jtQ
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F74A 153 KB
47 KB 145ms
98ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 31 Dec 2022 09:21:29 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 436B 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CjvvWGP-vY8OEJo3LzQaH4qTYAcme0rFc1Z2R93DAjbcBEAEgAGCVkpaCqAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCKqzPSPn1sT7gAgCoAwGqBP4BT9CpxX4frNsXYRFbGAg48uyAnupXR-IdnaqvEb__i-hjOCG8mEey8qOU9bwtI32D_nZeTg8Wb_4nbtJHIKyaX7nsXOeobNaVlAMzZVhudIdIan6gW1RGWznD3qCy8sElRexmO94MG1CD7BAL2FVJWtB9QXKcd08CGs4qFflgi_0ZTKbkmQph5kHtM7DzHr-SIn-fvMAQvEGzkl3c3CYmzAvpDn6YrgCukbUZnTcRbfT52_aF2s-NhSwzU7_uYV6KNs1-uE4Y8GAexdTXVrIqsRDDOqhNDfqAYNVfC8C_vohW6R_BN3o4zi0TjmA7Z_OLyCRlaT14COdQEDgWQNHgBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=U-NhIXcNhQ4&uach_m=[UACH]&cid=CAQSPADq26N94g0XqHU-yu5B0gCS9WHy4aekD5nsV-huSsLAMM6p7NdBs3QdDZsnhUSzGKr9ZlBrf-ILEinQBxgBIBM
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 436B 0
0 61ms
14ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k7KVEJPxG6wCyAGdg2ICAgAAAI9v_qchM8M6UwfGnGMh-yoQGP-vY6wolDn8RTe9FD2tABIAAA&wp=Y6__GAAJgkMK02WNAAkxB1521MYQZsMdxVyk6Q

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 231760
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6D5A 172 KB
54 KB 147ms
103ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6__GAAJgkMK02WNAAkxB1521MYQZsMdxVyk6Q&u=%7Czq69SIPlfah7zUbtgUTU44CFld6jl7fr02lPrfQWQc0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0OYiCgQ1A9RVz9ZNiORTuXPRuFrnTMg_uaqqpVaKMNsOLQbJyfvgNuVhQ7C7gvk_qhrqQhPY9aiuZxUmCuUdimosCewBaDyIYDtGZCQ5dpaluP4ddW4raGqJffrZLwTyLTlnl_LRIIKVDm5jQIzh412LMl3-PJly3XKCOL0z-qEgb0YskswPlFgoIqg-PTtnWr9gPpGlagLIKO0L9qjdt9T1w5k7_VIPmO1tncIZEulPcmhhbby4DEmzFz47C4bkwwKUogqp0uG-TDUhKqJ-s_N5KGSvNaDjRN_NuiJPXnH53d6fHG61wvwR0Hvc0ZKExLkat5tZ0ggd6VR0cRnMMSd0iVYdgs_HYrgxU0wtU0GjHc_VfgFPO-bL5K1ODMTHtkQcY1tLToJcWcrKJanQf6H7S1DxsBrpScQUlfZISt9-aKhXzK0eHZgOImdu7JvEtxJupBjVmriF7yMPj-n-lYYJIKSefBDjVrac1YyNzdgvCDvaIAzE6ygWVfnua-mHJz_QO5KVFgy8E6LOafIzEywWIkOdZrPM3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKy34GP-vY8OEJo3LzQaH4qTYAcme0rFc1Z2R93DAjbcBEAEgAGCVkpaCqAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCKqzPSPn1sT7gAgCoAwGqBIECT9CpxX4frNsXYRFbGAg48uyAnupXR-IdnaqvEb__i-hjOCG8mEey8qOU9bwtI32D_nZeTg8Wb_4nbtJHIKyaX7nsXOeobNaVlAMzZVhudIdIan6gW1RGWznD3qCy8sElRexmO94MG1CD7BAL2FVJWtB9QXKcd08CGs4qFflgi_0ZTKbkmQph5kHtM7DzHr-SIn-fvMAQvEGzkl3c3CYmzAvpDn6YrgCukbUZnTcRbfT52_aF2s-NhSwzU7_uYV6KNs1-uE4Y8GAexdTXVrIqsRDDOqhNDfqAItd-mUcwIpvpdQti50eeNiQHhNYxSesJfOxYz8_HFstIlZKSU25hZI7gBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_08hpzhhH94om3bp2qkbKXYgN6JMg%26client%3Dca-pub-4491659496372172%26adurl%3D

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2a5c589c99bc86252b7f177d63cf2375c794938ce2cdeec15ae08edce5b460ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:28 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dlT2ZVtLgdakW4f9NPx-eCkxmRILeAC5_ENavHspU-z5xd1B8N9mgFqjxlF2VvBW8m61_jRAOpRyLZ9FUS7FcysrVkGWpBNwvLpvL438zrlBnv1ffc_75HAA4UFRGLdiH3HwmLNp94y5bjPGAnp4ZSHmaN8XEzh2qf89jg-MStmTvA-EO71mQeKyxGUSqOL4tTo5w9sXNJ9AnCU3emUfWHZ1WP5ZYy56n1AU8PpN4NCu1DmWx03QXqiBAsm1FG6mY7BHvQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 91210126
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 436B 3 KB
1 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:29:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 19:29:57 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6F7F 1 KB
1 KB 75ms
20ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 01 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 436B 18 KB
7 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:30:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 11:30:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 436B 0
0 45ms
41ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpcd7aRXpU9ZBoSMXWzYV_l9BWf4gOXhD2_wkvnY2USTiMlTzrFCBCvRnIKocjH1467wzz_sqBYVkBKKpO2_SdrY1YIw
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 436B 24 KB
7 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 15:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 583575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Dec 2023 15:15:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 436B 153 KB
47 KB 228ms
186ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 31 Dec 2022 09:21:29 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DE31 24 KB
6 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 15:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 583575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Dec 2023 15:15:14 GMT

GET
H3

200

3664297453309006094
tpc.googlesyndication.com/simgad/ Frame DE31
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjstzeXgsi3bGc-n6K4-Le3xONIlxDNsqoxQFZhhc12WWsVsAPM96gz26i3wyx1pjRVHs2z7dBGWTKG-ihYY5vT6SG8zDoUZb-FtTQNWRok1VhZ0fmcZOEDI1kq0qFTt-uMxw1XduR...
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
https://tpc.googlesyndication.com/simgad/3664297453309006094

924 B
951 B

8ms
8ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3664297453309006094

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 19:58:36 GMT
x-content-type-options: nosniff
age: 134573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 924
x-xss-protection: 0
last-modified: Sat, 15 Apr 2017 10:38:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Dec 2023 19:58:36 GMT

Redirect headers

date: Fri, 30 Dec 2022 19:12:04 GMT
x-content-type-options: nosniff
server: cafe
age: 50965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 19:12:04 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8D25 24 KB
6 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 15:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 583575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Dec 2023 15:15:14 GMT

GET
H3

200

3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 8D25
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvbuwUjTHreCBkJnVsF2sHlcbPByhf6T87g9v8llLonKhdd-LDcgHeDR1xrz7NBwtFT8j2oGcdpmMqyv2rDVyqvPrd6P5NSifpOKzqDbED0CZqsI7U7JeJRMnP7Lh-B6CfDtIg2A...
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
https://tpc.googlesyndication.com/simgad/3664297453309006094

924 B
951 B

9ms
9ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3664297453309006094

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 19:58:36 GMT
x-content-type-options: nosniff
age: 134573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 924
x-xss-protection: 0
last-modified: Sat, 15 Apr 2017 10:38:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Dec 2023 19:58:36 GMT

Redirect headers

date: Fri, 30 Dec 2022 19:12:04 GMT
x-content-type-options: nosniff
server: cafe
age: 50965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 19:12:04 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 58B3 24 KB
6 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 15:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 583575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Dec 2023 15:15:14 GMT

GET
H3

200

3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 58B3
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjst8UVmZ00jfDaZZCgshPGx7eEpCocPvDzTHBT7uX5buTVLSQLrQj3OBwlScP8eN4OUeN8Iy2dahiNHQyRlR5pefKJDkeHSAwEhopsyP4vqOzx1rntWg1XLAtaPJxd3fCi2iFEMYf...
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
https://tpc.googlesyndication.com/simgad/3664297453309006094

924 B
951 B

10ms
10ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3664297453309006094

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 19:58:36 GMT
x-content-type-options: nosniff
age: 134573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 924
x-xss-protection: 0
last-modified: Sat, 15 Apr 2017 10:38:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Dec 2023 19:58:36 GMT

Redirect headers

date: Fri, 30 Dec 2022 19:12:04 GMT
x-content-type-options: nosniff
server: cafe
age: 50965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 19:12:04 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E1F6 24 KB
6 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 15:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 583575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Dec 2023 15:15:14 GMT

GET
H3

200

3664297453309006094
tpc.googlesyndication.com/simgad/ Frame E1F6
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvqK_VYp9KXthHHwsLHQi0wGshL_9IyU0g8VvuVboylX5gpOrImdgOgzizM6J_BeSQp5hN6nbFafxvzzt1DWRBz9gUi0uhE_MXyAe7pe9dRWugGY5yImjjjXXrzrlUQC2FmNxAzd...
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
https://tpc.googlesyndication.com/simgad/3664297453309006094

924 B
951 B

10ms
9ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3664297453309006094

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 19:58:36 GMT
x-content-type-options: nosniff
age: 134573
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 924
x-xss-protection: 0
last-modified: Sat, 15 Apr 2017 10:38:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Dec 2023 19:58:36 GMT

Redirect headers

date: Fri, 30 Dec 2022 19:12:04 GMT
x-content-type-options: nosniff
server: cafe
age: 50965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 29 Jan 2023 19:12:04 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F74A 0
58 B 98ms
54ms Ping
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=75&version=r20221207&sample=0.01

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 9ms
8ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Mon, 30 Jan 2023 09:21:29 GMT

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 13 KB
14 KB 8ms
7ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "af7be0711fb1cf2f41bb793256c8f148:1662969048.571231"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13687
expires: Mon, 30 Jan 2023 09:21:29 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 4 B
332 B 98ms
95ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=2b17766b333ea3783fe8a5ec7fdce739_1769_1672478488729&tm=1164&eT=0&widgetWidth=282&widgetHeight=36&widgetX=209&widgetY=1458&wRV=201010&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=467&oo=true&lo=568&odbreq=1852&odbres=2319&mvreq=1852&mvres=2319&cet=4g&to=1672478486811&umv=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 31 Dec 2022 09:21:29 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: e86f0c7f9ffda980c3f946d964ddc8ce
Content-Length: 4
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/201010/module/ 36 KB
13 KB 13ms
10ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/201010/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c24bad101be9ecf42509350febb31dbe8667ba81748ca4bbe715eb14c62bceab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
last-modified: Sun, 25 Dec 2022 11:25:44 GMT
server: AkamaiNetStorage
etag: "22a52c965abe861f656e4e34ed511cc7:1672135170.195784"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13299
expires: Sat, 07 Jan 2023 09:21:29 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 32 KB
11 KB 309ms
307ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=2&rand=85010&key=NANOWDGT01&widgetJSId=HPC_2&va=true&et=true&format=html&t=YzM1ZGI1YzMwMDZlYmQwYzRjMDdiMWRjNDZmNDFhMTM=&adblck=false&abwl=false&px=536&py=5269&vpd=4069&cw=864&activeTab=true&darkMode=false&ab=0&wl=0&umv=1&settings=true&recs=true&version=201010&sig=gBsVzksV&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bdec36ccaf3452c384db882732b9268830ff48eae38c73da6eea1c807b7f8786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, VIE, Europe1
x-timer: S1672478489.167693,VS0,VE289
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga13624-LGA, cache-vie6379-VIE
x-traceid: 7f7f1560f00090ec595569bfd0984de3
accept-ranges: bytes
content-length: 11412
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1540366654&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=IMAPluginLoaded&el=&_u=aEDAAEABEAAAACAAI~&jid=&gjid=&cid=1379669123.1672478488&tid=UA-4780630-1&_gid=382441059.1672478488&gtm=2wgbu0T728TH&cd1=1379669123.1672478488&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd10=0&cd20=no&cd22=0&cd23=0&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=&cd116=0&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd47=Live&cd49=&cd50=Live&cd72=true&z=1567114477

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 16:42:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59924
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5068
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoDf9C0sYFg9_qI5o22JUU&google_cver=1

43 B
766 B

10ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoDf9C0sYFg9_qI5o22JUU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNr43YsDEIDoto0DGOrslN0BMAE&v=APEucNWfOf0dYgHvwE2DkrKdi4abGJKGUz8SCXhHmDlpULc0fIMdnsD4GYfxJvnopcZiuumzWPyTYmQCPri0YKeE6zO0BE2MyjAikiejosnC538vYl9W8r4pxM4LAKgLN6KESou4-7OgLX9Zo5aiUruBZZCe423HRv7LuVtbNaPvU3JKNCA_vPc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Dec 2022 09:21:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoDf9C0sYFg9_qI5o22JUU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5068
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6--GX4k0RL85DpHIYUDBgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoDf9C0sYFg9_qI5o22JUU&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoDf9C0sYFg9_qI5o22JUU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNr43YsDEIDoto0DGOrslN0BMAE&v=APEucNWfOf0dYgHvwE2DkrKdi4abGJKGUz8SCXhHmDlpULc0fIMdnsD4GYfxJvnopcZiuumzWPyTYmQCPri0YKeE6zO0BE2MyjAikiejosnC538vYl9W8r4pxM4LAKgLN6KESou4-7OgLX9Zo5aiUruBZZCe423HRv7LuVtbNaPvU3JKNCA_vPc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Dec 2022 09:21:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELoDf9C0sYFg9_qI5o22JUU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5068
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKwtco2V9QVF5lEZ2uUFTuk&google_cver=1

43 B
1 KB

15ms
14ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKwtco2V9QVF5lEZ2uUFTuk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNr43YsDEIDoto0DGOrslN0BMAE&v=APEucNWfOf0dYgHvwE2DkrKdi4abGJKGUz8SCXhHmDlpULc0fIMdnsD4GYfxJvnopcZiuumzWPyTYmQCPri0YKeE6zO0BE2MyjAikiejosnC538vYl9W8r4pxM4LAKgLN6KESou4-7OgLX9Zo5aiUruBZZCe423HRv7LuVtbNaPvU3JKNCA_vPc

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Dec 2022 09:21:29 GMT
AN-X-Request-Uuid: 8e4c7930-d7c9-49de-a14f-778a0ff5fbe4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKwtco2V9QVF5lEZ2uUFTuk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5068
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D

170 B
188 B

86ms
46ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 31 Dec 2022 09:21:29 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d6f2d3ea-2dcd-438f-a891-ad70e87658f9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F74A 106 KB
37 KB 65ms
21ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Origin: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 21:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42473
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 21:33:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame F74A 8 KB
3 KB 65ms
20ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AYwD7v8da5PhXtcft3myjAOkkk-s0chpoNb1PxOsSrD3fSBZ_toCdwoZY63wZ7t5yYl3XaZDLaN2Nd555atifuye9PXg&cry=1&dbm_d=AKAmf-Cv4otOOlvNzvIwjdByqq5pFc1cfyZd7pOQ2JdmVhocZoVCF3lyi3NZwG56CJpdUMQhhckP2aD9_v4fwQhRpeAtsqtzfcLQrrbASlUWuuyy4zTQYVb2JkqFR2ObuyzgfZft49wEN1veAi6Au-swED7sR3r_cUuqCRBF_IGSbq9Q2YWLvOVwtduiy3fF2d9QZP-I__GkC567iCmOgJBpcYEyzO7mpDI4aApC8ab7zEWFEcyne3symc4QzBGZ3da5rnFIC9_QIdokvojYH8IAop5qV6Gjp0LR7cAofnxW-9vfGGkZT9sBHfVpbyPvtYAMmVtbVcaE4mFF4ZGi1l2PmSELvgEcp37qFDPO_1ZYzBh6s3zPg953LNRngnkca5SqnuaJPIG6Xw5XV5PjsYwIvMDZVAtnnCCYruNpcDtBEkV20baXMqK_wIh0In4dIggb7s8Vxi78z4Wst4gHtBvPbRHcLve6JKrSRaDtMpByjrvIj4tmnrm_qXIU_3j-cPME6qlGjj0cugEF-7Q4Uc5-LX6ZsDFNjpH2GeoF-dNFPlCSGFPnxSqxAdNrVAC264n4abKGKaIw4PbwhjH8BuOCS8gzqH-x6Hm66FUIyFrDhCJ7wQUIM7qk5_gFZqm4Cjjyx1fAQsVRWHGtss1oyAOLr1of77rCsmqSA3pFuuCVps_S5DvmjSD_3VftI59DPwikjxMg_6K5B1Bn-b7YdNMlKtqAPHp4l9a9ueJBJQFqEFx-bLj8nstNHvbLWEjQUb2JD_k0FvRLbEEKpsTbFzuOcmzR3Fmln8rN4zA250gVwRVVDQUntOCFqmSJYqvuhnZtHS2z0a7QZvkopOHOiR0QlKHCn2zCOl604j1JsBwcGUQugvnDFzyRh2nAY3SFY3SXidgdgVXumRuwmsYhHunVDUP6nBFigaEamghUQsEuRcJViQomd78XycmX9HJEbkq5HsDqqnelISgSei7GmQdlamdSxTHfNpNhshORI8MFp6swp0hvVonx-Py7yRmyeGx58cTV9OtIcHXcbDt-Ng_9XsX5RsCuFVQ9FLhcsRi1GOgjOfV3qzfUW0P3YDc2LC29hSNs1bOJ7IZjvezYXSmULYt3cQICb5vPXuwr9DyPB_QiAEvMjRXlDmZS8TFbfw74tSpK0dAaI0xgsYWXPHSrGbAHSbHyQcAlZQrbIUFuN-Qx9GOjZNpZnco3mEbGEUh_vTJnV0VuzWoy0DXzdybVLqMl5e0d72m9Nu37znU7smhHjA7lFwf1UMya7U_P3qTi9fCWPI-tgtCI3U8XbaPnPw-wI0tevQo4DZMIjeHFwCpEkGX4M2JvIxCdm2d55IDcmpLYVidM3kYYuipAXNN2brRhSHELEM2oZrRTw3rRQSNg4LKHqu0OQzFuS0LKUGcx3T_WPpHcQb5emIBSu4ScZsFyHuxWJyrytMYe3lYHhUCdW0AHMA7e1-ghOM7iWreOKQogKs1aH4K7ZZWW9FSZXpYhI7SMJhy3qk5pBVvNJcql_Y3GGrz4iJiG0lzkcQeY-NncFb0BSL62JUb5FfFrS1NyqhVjO3OoTfs4n97QZTHj2k0M5_gn1KCgmcVCn8-p0OEu2VVeXYGsm0RPICK7UOPzeda6KNJlUvynJJOY9DQcMcZbA0Nn9y2oONGJ8LJAzPLBG4x5TrBTiFRk3RM4PXvUje1R88DFmAz3XJA7EveVgOU3RCG3L5EEVN0StqlLy40owJa2eq1y0ojv-ZZKoo7hbDHDsb4YckppSQtLudwiQp3ugljeZZsrSdxgFHhUiW2bHntk7LyZOo637M_PO4f51cU8fsS6F8qyy7hUo2jNKl07wrvkDNYWKeDQpjClfn12gTUQ_Lpyz6Rv44eio6QibFqTdO-SD-baSnFbbReGqE5zOnkT0cTDel73LzGq50cpLVdqzdonr5h4CWX_kGSdj2avwp8_ELJrC1kFOq56iJPWtmlfkSR_xbcilpMttKlqpfg1CN2odT5ZfCMkqyDGayuViX9Of09vWVBNApTlFqxSdIOeGsK5cm6jB0sSSSriJkoCFINz8u19-ts-sof_PFBVoKcYIi2SoGgvqC1yljSVq3W1I48mzQ_slbVFYudXRyjPGdZaWljFBb_NPjaTFTI4dKklB3hHlQbgpuRiUjxZdeaUBZgPTh_4_HHJIkH-SidYDdM3TuHuBG7Ql5LMFibSJqeY_lW-cKfLhNcBCVdIBko4KOwUIb6PKmImYGCRpx_ep9XZJmUdkWoKqx01wMAj1fYLW0qtgtcK3U_-A6oYyQCLAcpRWMaLFc77kKA5Jth46_CqOpRb9X89e95KKz5Wb49hnW2RuaNTI1wHTYWc8psP88djwcqXAiRJQusjSIISNl2Tfpx_1ZKu5iMBqdJBsFLBeBkS4uJ-O0ec6EBDpjn7z0Qe64rEbibIxA3zCDo_-cmDCjxaK5VibkwescLNyz-fuKkhnAdcs9--JLwTOR4lOtMIWXpwqPG2-Ckgeyn-ZcTQ2vpqkuM3mE6YsIpNJ5qMs0UXMSg4Z0Dnm1aFHNYVPoXVN1rAxZtneN9x6BfJ8IqkmXElqnM2-dzeKUoBlyAPvInXEzqkpPoFlxCvFRbJEhwjPbJUJCwcceTsv1kVLdbdjXQIZgbR54Qv4qwl_-7ADxruRjxLw_Wue6VHCQw9i1HEYzxde0Jo9WkauizZhca3eVBy1WE4A6Q4h7a0whqnhomhHN9KRnqge3PNKUgMlRu1cy-cV3CsDaDK9VBhoZvqH2294Xvvc0Ox7JvlCWN-VMIUwzOBurRMNMTDlyXwwprxiies6-hI4J9WtvqjKmC-52FWsYkjDFe9GkLFhwc3QrfdHoJIe1oDR6swblhj6A9klAlH8ddObF7SjuwG7Pyjwh6Nv37YXgO-mRPk7O-O5FpjFdKxErqYlS8ZdHdGisYUE4mKaX3wT0ixi8rFTQ2JZifvqCFY5cju32rL_Obk7Es2-kpDAsmY86Rtp1oGe2BI9iPPhuoBzZKR1xP_c4l17915UFwmf2yWRC3P-3vXM2UjxsyyKBhNhAZzKBrfILaE28NxqyHi88HPg88LsY7W4RmpA85kdM-nx5Vv_dZE6SaLEA9vHE3ZFTH9YvUn9G4XOkb3J6ad4V3O5pMgO8IiwSKXXr-Kq_-qyQNd9PQCVC9inVzJY8U87gq1BRhDOgQ7-NK9BD2s6kU_Up1ZeomXmdm7sigrQjepHilIzJSIRkw54HVDNNMj_mBlRrP4lzZM4-txzuqLVQ3PzCnfl-DV4Vyye4yRgoZYHqsaS9MhJaLy3OFcqjFsTkI1QJR5ERK0rvZwBwxDwPKegEaDFg6T0oZR0mw_AjnxGuIhFPz3NQmOgpEC4nTQS2lRge0&cid=CAQSPADq26N94g0XqHU-yu5B0gCS9WHy4aekD5nsV-huSsLAMM6p7NdBs3QdDZsnhUSzGKr9ZlBrf-ILEinQBxgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 21:33:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 21:33:36 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame F74A 30 KB
11 KB 62ms
20ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 21:33:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 21:33:36 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 743A 29 KB
16 KB 103ms
44ms XHR
text/xml 66.102.1.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ABha7OpiT9M1LwHM_aPk0VK2IlR6nBUTYHgOrl-C1cUnnOjfo0ZceO4wAh2UK2r3iMx817vCNLbhaHxE1jwIjANPQtGA&cry=1&dbm_d=AKAmf-Arv4xqVXcK6Uh5W8ZJXDjG3UF1ZDgoxp1r2sptj74Ui1nQyL1M0CdsxVOh3jIvx5oviP8OOOTkjdQyonK7KuxEEtJ_F_iYPQ_CmsXhP4ObSwb7gxsgCqrAB4bD9OWeRJ_CIDr8MUrnQ8cWU8772Dt7oqeC7sW4ok14wZ-6xgFis0mWkvnmf_at47dQLXegCbkPUaX4AFS_lXU2PXa65lPJOdhDBxUhtUBuXYy2S-keqL_qMKlFM3L3M05hC68lN9Zv3NA7RQEEIWHCGFHIbnmCXnI0ghvdJYQbeVqvAKQy5pYMmTjuoQ0buly-fP48hsa1L_hu8PErZrYhFwJqovForHI1EaS7wn5i-0qq7ckIW07HDl4OJbPLKKBKlaSZ7Z8suOK94b-B0dpx0dJYtXxl5Y3X-wNnetJ361-7F6g7gXNIvpfdVGhlb96t7I4hvtbSpBhvIJWPnqjuQmXQd_JNEKGi01B6BY7L9GwjzLF6y0ULrIaK5ub-ZU_JUZSojNYUt-mVWZOpG0szydw3D62ZfST2W1NSD_K2me8no9ghCigJY1iy9gBQ6PReqv-Q2_vCW6LmbBaX8rllZQ-APiWY30cBcfWJAWQDKrG6AhfsagMUCAz305JFhnvVwIKl781LE-mhYByfDJYbzvqJxzgmp_hA8j2zs5mBLMd4zCm6u6ZUUTrYFMcZuOIhm_eUCG8DEWV4GWpgm7oxyING2-j0XL4tBL6YJm18YJ4MoaZgcBihx_XYWJomOpUF_hKvHvWGa4Y7SkA6s3a77B6L5dYTOraMxiFcl3ltR2ox_CL76f0Gn9-8E843Lrs3XuXsNvwd3x5yMh52zIow207tt__ZOiTWi5KP-7C7iRmL3oGkHUVLqVWcZ3bMNHmY5XMDTMT_BcpzH6y9voRLBGDFRAnGs_drs7T1d7OPbuEt1sHTYRm1lXoY-ev0GNXeIavN567bnjQzFc1uIdYoYyN5BNcFVrJRYC0qGUmpxyWw2qTZxG6KcRs7FRepAmF6BCY4jwYche_aYz5jHnnf43HBaHzb_Xn-tfQ8P-C0GfDiR9oP9VSnH8G2e3X81N5ZJLuc8JMDQk4rg6AXEsK9OoOmd6EzFFeEwOm_A_wpXPM8YAIjSEFe_TwwZLwzt2CqogWZwlZnvv8vbKA__5m8FusZWA-o2dBWdjmnuN2oPD_AaCh8UC6UNRUIOxp47vYYl3ZT07cZ4Q-pi7BKTde9nNhy-ridT_CC4TSpbUmECJrh8FzJ3L9OhDWM6NsqdRSJwXDL3Vo2Mvl7i-DEl6kZc9gx90beOGVQLsdmScoUdUU-lq1u7rw5WCK6l5rdRgaaKfBRHFYlFZwTi93Xp3ypFDWDDGtxXuJk8IWBX2WFuG3xZEz00Lle9fA9722KAZ7cljrQNMbrF9fHsIlC0PyErv3KU1btnmgSrlWwyWPUcGbGHyNzuyx7IfljHOim799ga2p5y33acRq4B31ObJApCROEv0Thhj-sLwIKrqbXTjw2u8YJ9mUILwJZxNCI_C5nL69iPE82G7Ba120zX94YGH7AHc4PpNDpIUWENBF8h-lBvYpP7BpXii5N9l2GbylJBgWYIKWwyg36pAK44XA1CbNGImr4Y6NdEBYL7VsUZ-_coX1ErNBfnwm5rGPvRWsDNmHOYO_P280dfTThRtel6hLIsC3umzW7fFSiCzQKUjSYaiFkNbpEKbFqYhOZsytkiacHEJMdc4qi0IHOxbjuvwmDhMhqCbHv94DayRVzvCTfqRaayoO8ciS-I98klFWNsvaNWmjliUII2aadmTxGed0d6Hh1pJf2JbkcWDDM7zduKUzf_cKJoWL-Fs-OWgTTx6XC8E2uMnkjKLcxTFAtVcU-NNI3PDNAmXLuDRFDsppdMl3FfgBOULLPWpN1wY1pTBYUZK6oxCpQUvnT2k3m7J_m76h_C-r0cyxRLc25NWaVxQvws0IIs4Ont-xGfS8CXyRR-xVSzQZwWiElguXfzmqZepok1XSBt_dsigx4Q7_z9w5uyxPcF7FBNHMo8KEw62hlG0ic78qOU8Mxwzyca30KPRG9fLaiVEsg_1MC5RNX256HqGrNttttpBfjbW7a5n_ot9ygbeM__nS7VL0m4q6IdqpbMHLm_BRwoWftEL2Ywy1E2tIMgGg0i4rAy90gPclr_o1SjB-qdKxz7KBZ5Hm6IS0HmH-GFet8WcALH5pJMvvMIlUR1DTe3rjQ3hmmOVLaiHSx3K3QfLL9zssba9Gi_4URJzRlvmUY_pZPPnqRuAHMNYSrHswJG4rGCjucOwZmoYS7hdN1LeUP1hUUp0aI-ukng6yn9S-GnWmnaMKZwQMw7BXipNtearIuRFCQF9ReiOkFexL6O5JqabWejAfxjKifK4rIBtKHaNwZ5wf3z21A3ShXhY-vHhru3rQrkK1GgTuY08ZSDZkMpOUSMUkt1xDUJD-oomllfPW-DHA15jYsONsacmCsy0jNKwsb4vL49aJqEKk8R3B4cGMgifXy_Okng1dGwqGCPyvFDSyhbA4wp_SAMhJ4x1mMJR4V8W2NfytsbyVDUYN5KWouye6vWMP5tOOp0-INMzzXzygDr8C_hDd8s5U0JDtNLWazG4Gsy662_MM7KuGeqgBnU6_iqar6hYnzkkqu9e7FuDGiMQ9MSlNWavOczaZiZzLz5j6QiHFVd-O3RXkankY3ahMfgVnYqEfC4tYYOPoa9JdQF6Ceastpk6iuSCWoflhBErFrNkemnArADRHU-28nBEqUAcBcaNWipatWrLpG9VVaK6RowzOczLd7h1vrU2jUjrBGRKFolXKay5ExQvMUutHp5BRDbXUxJ7je11gxhEY7hmh0qphVFwciv6r07Xo2Mrh4D3DYQx5iSwl2Vaba1-JpmeU12caf1S2DQOihupEZc7E5tsy7iDYEEgXNNmj9zM_n49E4bsS6fISM17Nm8M3wk5Rgw-WprWJ2nBfYHxDgT-0chGlzt9SrIrQC0xO8ojMNTfg0Y97pLkvB2vhKVuQ5S0dRATgohrjuAtAQHWxfJQ2RIntFwzKDGrbZbO7Ri0XQJWVp9PJYzvHklmJOS1hXse-l_qem-veXb4HAJlIaZorX_NSMsZpb2zOG1oeuzY0xNzBf09c6ckhxSDUq4gc3hP09Tv2-MxOPfcywAJXprHV_dKQ6ENV8AHy95fr8bQkLc0rxBLJHPEbBvyz_iEaxdiedAr0o56hXgxDlLm7zZkipqcP0lO2i7oZSvfRefwnRO00z4QfcRf3vn5elWKfuvZcXchC0MFWb8AghEa9xlRgiord1STrtKnffUQoY2ReeAW58BaWcCs285Oir_Mef9oMdxCjm5HHA3FpWA-6l4Oupicpntt3hck_3tPJKn2WKUjv5Et5WWh5h6-HWGzMxm_fNf0yU0cX4JHatz6NSmV3qfMimNFVqHbnF90HRXdCBEdBUKQ6v-u9HJ5zACsvJC1mGdwvAvnLlc1T-_5_k-A1Wn3kD7HOZaFGkrtiGQnFnJpzf5Nv2eFZRaCe4hZx7qgj_MbYSLA&cid=CAQSOwDq26N9tH_u_2QAHD9Rs17yGxFJ64W8nHTP-cYUH4itCZNhdvLcP_V5Yt0W-OSdrefe837wzOGrhQFNGAEgEw&vpa=click&vpmute=1&sdkv=h.3.549.0&osd=2&frm=1&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=3763514115&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2Fbbed3621-9067-421d-9445-5f71b3d890f9&sid=B9380A8A-8149-4337-9CC2-F9DB07B62756&nel=0&eid=44748969%2C44750822%2C44752711%2C44765701%2C44777647&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&ref=https%3A%2F%2Fwww.walla.co.il%2F&url=https%3A%2F%2Fwww.walla.co.il%2F&dlt=1672478487861&idt=825&dt=1672478489267&ged=ve4_td1_tt0_pd1_la1000_er2821.790.3151.1377_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f155.1e100.net

Software

cafe /

Resource Hash

7812b0db37ea8d5a0cb8f6aef6b172c4a9eed72ace949f51966ae92912055bb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16257
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 1BAA 0
15 B 11ms
8ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.walla.co.il
Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:29 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6D5A 2 KB
1 KB 50ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6__GAAJgkMK02WNAAkxB1521MYQZsMdxVyk6Q&u=%7Czq69SIPlfah7zUbtgUTU44CFld6jl7fr02lPrfQWQc0%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANV6NnNUZrls0OYiCgQ1A9RVz9ZNiORTuXPRuFrnTMg_uaqqpVaKMNsOLQbJyfvgNuVhQ7C7gvk_qhrqQhPY9aiuZxUmCuUdimosCewBaDyIYDtGZCQ5dpaluP4ddW4raGqJffrZLwTyLTlnl_LRIIKVDm5jQIzh412LMl3-PJly3XKCOL0z-qEgb0YskswPlFgoIqg-PTtnWr9gPpGlagLIKO0L9qjdt9T1w5k7_VIPmO1tncIZEulPcmhhbby4DEmzFz47C4bkwwKUogqp0uG-TDUhKqJ-s_N5KGSvNaDjRN_NuiJPXnH53d6fHG61wvwR0Hvc0ZKExLkat5tZ0ggd6VR0cRnMMSd0iVYdgs_HYrgxU0wtU0GjHc_VfgFPO-bL5K1ODMTHtkQcY1tLToJcWcrKJanQf6H7S1DxsBrpScQUlfZISt9-aKhXzK0eHZgOImdu7JvEtxJupBjVmriF7yMPj-n-lYYJIKSefBDjVrac1YyNzdgvCDvaIAzE6ygWVfnua-mHJz_QO5KVFgy8E6LOafIzEywWIkOdZrPM3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKy34GP-vY8OEJo3LzQaH4qTYAcme0rFc1Z2R93DAjbcBEAEgAGCVkpaCqAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCKqzPSPn1sT7gAgCoAwGqBIECT9CpxX4frNsXYRFbGAg48uyAnupXR-IdnaqvEb__i-hjOCG8mEey8qOU9bwtI32D_nZeTg8Wb_4nbtJHIKyaX7nsXOeobNaVlAMzZVhudIdIan6gW1RGWznD3qCy8sElRexmO94MG1CD7BAL2FVJWtB9QXKcd08CGs4qFflgi_0ZTKbkmQph5kHtM7DzHr-SIn-fvMAQvEGzkl3c3CYmzAvpDn6YrgCukbUZnTcRbfT52_aF2s-NhSwzU7_uYV6KNs1-uE4Y8GAexdTXVrIqsRDDOqhNDfqAItd-mUcwIpvpdQti50eeNiQHhNYxSesJfOxYz8_HFstIlZKSU25hZI7gBAGABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_08hpzhhH94om3bp2qkbKXYgN6JMg%26client%3Dca-pub-4491659496372172%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Dec 2023 09:21:29 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6D5A 2 KB
1 KB 49ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Dec 2023 09:21:29 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6D5A 308 B
636 B 18ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 26 Dec 2023 09:21:29 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6D5A 293 B
621 B 21ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 26 Dec 2023 09:21:29 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 6D5A 43 B
348 B 65ms
20ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=GIlrhz5X5idjt3507XjCSJEG6IXEZiBQAfq95BSauIzkwpxNWC_7XrhpjJ9SQUuud4--eADbAx0qu69ZMMYXpJ6aOo-KuWW0DzF8h5PnksB7O5yi4H8vPgMGaIa9W6Cd-w0kKGF4DysXiHndBapCXDby0ImSw1Pygiw5UeTgqUCYB6fsy4CF7UuvPknMIpSOfWXfYqx5Md85TgQdM0lNEGJo23s-cx0AId51tVferDou1vVCBFOukOIY8ajv3AA5iGGIMFzYecNtzykistnAKH7xCpjPH8d5gZP6RE1ZH_npLQZR8art_b9telueTUMaKC8vO7cRvCMZJZRrUhW-Ad8bZr6YFkW7YHkYeTRzegXebBBhsWOBLovpu_BSwfCNuB-XS3NJ1VMgLWd9IUyS4Vr_kogk7oX8C6rNwzLVvsvmyXV3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3168950
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 6D5A 60 B
60 B 168ms
28ms Image
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=15&extPu=13929-criteo&extLi=264882&consent_string=&iab=1&rnd=63afff19887ea69523e6c61b681473d1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 09:21:29 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Sa, 31 Dez 2022 09:21:29 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1051
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6F7F
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAWeuTem0gSDTumcaxvsVA4&google_cver=1&google_push=AavPq0OEpHDogAITlKi-Pbd6JEvW1jJsSp4mQ-vZcoBdMuyDGQvA_AFI5_PesWGyGLFlhVLrpjpQFQ-8jE8SUZLU2tvYOkLcSzHeB...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjcwODA0MzEzMzIxODU4MDc1Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOw1FjtaC3UOM6ufysdi8Kg&google_cver=1

43 B
398 B

84ms
21ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOw1FjtaC3UOM6ufysdi8Kg&google_cver=1
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOw1FjtaC3UOM6ufysdi8Kg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 6F7F
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESELKiBcQ7aKttvLApdYGbTno&google_cver=1&google_push=AavPq0OXGhcZaT941qpE9eNdtDOYDpHNALnxoFvuOf4lOjOMMgPgcyKXGYZc-DdZn3-zHPc8DBbRKOR_R7B_wiiqxB3xkvZjUp1B3...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELKiBcQ7aKttvLApdYGbTno&google_cver=1&google_push=AavPq0OXGhcZaT941qpE9eNdtDOYDpHNALnxoFvuOf4lOjOMMgPgcyKXGYZc-DdZn3-zHPc8DBbRKOR_R7B_wiiqxB3xkvZjUp1...

43 B
414 B

210ms
196ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELKiBcQ7aKttvLApdYGbTno&google_cver=1&google_push=AavPq0OXGhcZaT941qpE9eNdtDOYDpHNALnxoFvuOf4lOjOMMgPgcyKXGYZc-DdZn3-zHPc8DBbRKOR_R7B_wiiqxB3xkvZjUp1B3NRH7JEuAA9OedSCkZllFa7_hBLf-nvnaE6DYMUf9w4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OXGhcZaT941qpE9eNdtDOYDpHNALnxoFvuOf4lOjOMMgPgcyKXGYZc-DdZn3-zHPc8DBbRKOR_R7B_wiiqxB3xkvZjUp1B3NRH7JEuAA9OedSCkZllFa7_hBLf-nvnaE6DYMUf9w4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7821f20058189944-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1159
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELKiBcQ7aKttvLApdYGbTno&google_cver=1&google_push=AavPq0OXGhcZaT941qpE9eNdtDOYDpHNALnxoFvuOf4lOjOMMgPgcyKXGYZc-DdZn3-zHPc8DBbRKOR_R7B_wiiqxB3xkvZjUp1B3NRH7JEuAA9OedSCkZllFa7_hBLf-nvnaE6DYMUf9w4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0OXGhcZaT941qpE9eNdtDOYDpHNALnxoFvuOf4lOjOMMgPgcyKXGYZc-DdZn3-zHPc8DBbRKOR_R7B_wiiqxB3xkvZjUp1B3NRH7JEuAA9OedSCkZllFa7_hBLf-nvnaE6DYMUf9w4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7821f1fecd029944-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F7F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP3nBiCxq76NvXDF7jtEehU&google_push=AavPq0N-xEmGWOeucfequuH5vXVqHcVFkw6Aku_T1kW_Tsvm2rjvD0d297...

170 B
188 B

45ms
44ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP3nBiCxq76NvXDF7jtEehU&google_push=AavPq0N-xEmGWOeucfequuH5vXVqHcVFkw6Aku_T1kW_Tsvm2rjvD0d297UCDoxdMsK_FvodNJ4tF1nXwZb6GKlsowczkhkViJZpVTXZ2ToJZSuVspq55NoChg3Sv_dQyNB6n4djUkn7eu4

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220042-HHN
pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1672478489.493253,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEP3nBiCxq76NvXDF7jtEehU&google_push=AavPq0N-xEmGWOeucfequuH5vXVqHcVFkw6Aku_T1kW_Tsvm2rjvD0d297UCDoxdMsK_FvodNJ4tF1nXwZb6GKlsowczkhkViJZpVTXZ2ToJZSuVspq55NoChg3Sv_dQyNB6n4djUkn7eu4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F7F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHdgrhVOTlR12PRqNT5JIRw&google_cver=1&google_push=AavPq0NoUEhTkGVzgT-d3Bc0t-ktZV6PIllmkxWGvVwzdp1zmhzEIPDWOLR3_DauK5HFEcxeprCJkAHxh-vnl8EczBnYBpK...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NoUEhTkGVzgT-d3Bc0t-ktZV6PIllmkxWGvVwzdp1zmhzEIPDWOLR3_DauK5HFEcxeprCJkAHxh-vnl8EczBnYBpKEtoI5DBiw8X25CvRZvaMKOWlx07GXogxqF6tD4...

170 B
188 B

48ms
47ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NoUEhTkGVzgT-d3Bc0t-ktZV6PIllmkxWGvVwzdp1zmhzEIPDWOLR3_DauK5HFEcxeprCJkAHxh-vnl8EczBnYBpKEtoI5DBiw8X25CvRZvaMKOWlx07GXogxqF6tD4-4CiKyUAA&google_hm=eS1zN1NOTlVGRTJwSHlIOXZoblpzY1JpM2pOMmdCdndsVn5B

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NoUEhTkGVzgT-d3Bc0t-ktZV6PIllmkxWGvVwzdp1zmhzEIPDWOLR3_DauK5HFEcxeprCJkAHxh-vnl8EczBnYBpKEtoI5DBiw8X25CvRZvaMKOWlx07GXogxqF6tD4-4CiKyUAA&google_hm=eS1zN1NOTlVGRTJwSHlIOXZoblpzY1JpM2pOMmdCdndsVn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F7F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHOV_y6wakBZm4zSogVorL8&google_cver=1&google_push=AavPq0Mujq8dijiPTsErI8Hk2CbwvO81jk4QM9VtwcC1n2GkR5CUiDmIpBbXFUi0WdJvdbGqJjPM9yxJ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHOV_y6wakBZm4zSogVorL8&google_cver=1&google_push=AavPq0Mujq8dijiPTsErI8Hk2CbwvO81jk4QM9VtwcC1n2GkR5CUiDmIpBbXFUi0WdJvdbGqJjP...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE3NzMyMjIyMjU1NTkxNDY1NA&google_push=AavPq0Mujq8dijiPTsErI8Hk2CbwvO81jk4QM9VtwcC1n2GkR5CUiDmIpBbXFUi0WdJvdbGqJjPM9y...

170 B
188 B

44ms
43ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE3NzMyMjIyMjU1NTkxNDY1NA&google_push=AavPq0Mujq8dijiPTsErI8Hk2CbwvO81jk4QM9VtwcC1n2GkR5CUiDmIpBbXFUi0WdJvdbGqJjPM9yxJOCrKP0JSA4c_0FSfq66GbMj6oeSVKaIqPdKX2bWiT2dP1-CiKXV3yddnjcsD-w

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE3NzMyMjIyMjU1NTkxNDY1NA&google_push=AavPq0Mujq8dijiPTsErI8Hk2CbwvO81jk4QM9VtwcC1n2GkR5CUiDmIpBbXFUi0WdJvdbGqJjPM9yxJOCrKP0JSA4c_0FSfq66GbMj6oeSVKaIqPdKX2bWiT2dP1-CiKXV3yddnjcsD-w
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F7F
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEGkAWjIwaBkqFsFEOF7opvo&google_cver=1&google_push=AavPq0M_SZYacxTEU6QjrS2heL-aeJ9rskpnV-Ls75xSCLfWIWzD8r2LuSstECuCZBd_oEdqGuxhYVyXuE6qypkG-nlIux...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEGkAWjIwaBkqFsFEOF7opvo&google_cver=1&google_push=AavPq0M_SZYacxTEU6QjrS2heL-aeJ9rskpnV-Ls75xSCLfWIWzD8r2LuSstECuCZBd_oEdqGuxhYVyXuE6qypkG...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=_EJ-mpXKSgCEdbD7OpErmQ&google_push=AavPq0M_SZYacxTEU6QjrS2heL-aeJ9rskpnV-Ls75xSCLfWIWzD8r2LuSstECuCZBd_oEdqGuxhYVyXuE6qypk...

170 B
188 B

65ms
46ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=_EJ-mpXKSgCEdbD7OpErmQ&google_push=AavPq0M_SZYacxTEU6QjrS2heL-aeJ9rskpnV-Ls75xSCLfWIWzD8r2LuSstECuCZBd_oEdqGuxhYVyXuE6qypkG-nlIux3doOFClkyMFIa6dOy2WoseMGh6rSvwiHfdr-jOrzRiQ2gc0Q8

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=_EJ-mpXKSgCEdbD7OpErmQ&google_push=AavPq0M_SZYacxTEU6QjrS2heL-aeJ9rskpnV-Ls75xSCLfWIWzD8r2LuSstECuCZBd_oEdqGuxhYVyXuE6qypkG-nlIux3doOFClkyMFIa6dOy2WoseMGh6rSvwiHfdr-jOrzRiQ2gc0Q8
access-control-allow-origin: *
date: Sat, 31 Dec 2022 09:21:29 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F7F
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEINppgz9A...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIN...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0f105afb-2092-42b4-a326-8c182e7c26d7&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

44ms
44ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0f105afb-2092-42b4-a326-8c182e7c26d7&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0f105afb-2092-42b4-a326-8c182e7c26d7&%%GOOGLE_PUSH_PAIR%%
date: Sat, 31 Dec 2022 09:21:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6F7F 0
12 B 82ms
41ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KLYMN0m4coNG24AUAHpxB6Sej49LqqXs2rYdpH0ykC_PMg6xT6VGungItYisehBLbuwnQRmg

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a2-18-36-193.deploy.static.akamaitechnologies.com

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame E1F6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91b07df7853d5e87bd41d7c24797100ec462141de7e61f0ae22830564d5d7955

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 58B3 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 180a6aeb2ff77821ee4d2837a9bac0d6b254487891b1cc51c33d454b302af008

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8D25 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3830ad8f74cdd0b3faffb5692ee3de51a2a5f4a4f86fd39798ff0a0a93c50f63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DE31 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a3753632791fd283a1547591010872c77779e234f16e64badc772d1a3afab97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 743A 0
327 B 86ms
28ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lcbqiczv&c=1201159005279&slotId=600579502639.5&qqid=CP625PHDo_wCFZP2EQgdANwMUg&fb=ima_html5-lima&sdkv=h.3.549.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=3.0&wta=1&vmfc=11&vhc=0&ghmsh_eids=44748969%2C44750822%2C44752711%2C44765701%2C44777647
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 743A 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 743A 42 B
64 B 48ms
46ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 743A 0
0 61ms
59ms Image
text/html 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CkPW8GP-vY_7KNJPtx_APgLizkAWz5Jz1bb-p1aSbEP_1kOPXAhABIJmjzypglZKWgqgHoAHIx7XyAsgBBagDAZgEAKoE_AFP0FANrkEU4Or40xRj24B4JxevcdJWo3xqd3UP0fCa6R7kjYC435SFjKOwuA4N3F6cTrWaXrCYjhOG4dYGdQJD1cJA6fhqRVurUbmbR041xfcL02hcjQNIwzVEruaaNsS_ea3Tg2GxUBEOvAWEemknUqC18GGRg5uANf3ROaWUlsl3tWlZG7nEO2fJhVRbdAgg08i8kAQi6gqkBIJ_ag6yY8V7KEasOaQRe7v82gJCeyCLD9RKA-IFFenucdwMsAneUULTtAVUlk5vITIPc-01s8et7HZggT1HSvPcs0RyNjd9mlgKNpltrRcuUT5ErTPc440aK3oxfu0JE3rABL7B08iNBOAEA4gFirmooUOSBQYIAxACGAGSBQYIGxABGAGSBQoIIhADGANIk5Z2kgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAeguMqNAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEJTHaRjQsonRAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBsBOirNkRyBOSyKoJ0BMA2BMNiBQH2BQB0BUBgBcBshceChwIABIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=pkcjB8D8Q0g&cmd=Ch1jYS12aWRlby1wdWItNDQ5MTY1OTQ5NjM3MjE3MhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDq26N9tH_u_2QAHD9Rs17yGxFJ64W8nHTP-cYUH4itCZNhdvLcP_V5Yt0W-OSdrefe837wzOGrhQFNGAEgEw&vt=10&sdkv=h.3.549.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0CFAVIyCOAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABaEFI3bGtuZmxiWVpHX0hBWkoYAQ..
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 436B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a92b374ea228c923b6845dd9df4671c449ae8da7ab741d0ca9f1292a88b0200

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/201010/module/ 503 B
665 B 8ms
7ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/201010/module/singleAnimationOnFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ae7d078e18a6ce17c1810177f9573f029353e5f7c19fcb0de5343a5229394358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
last-modified: Sun, 25 Dec 2022 11:25:44 GMT
server: AkamaiNetStorage
etag: "2be556c89dd9cd766f84d77439b2c183:1672135165.88675"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 337
expires: Sat, 07 Jan 2023 09:21:29 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 4 B
332 B 90ms
90ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=f5145bee5bfa02c87a74a726789acd42_1769_1672478488979&tm=1467&eT=0&widgetWidth=282&widgetHeight=179&widgetX=209&widgetY=1499&wRV=201010&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=568&odbreq=1852&odbres=2319&mvreq=1852&mvres=2319&re=2623&cet=4g&cs=1&to=1672478486811&umv=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 31 Dec 2022 09:21:29 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: 45730493944b9f8212a782acfd9f67de
Content-Length: 4
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

POST
H2 204 csi
csi.gstatic.com/ Frame DD0E 0
54 B 28ms
28ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lcbqickh&c=1201159005279&slotId=600579502639.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 743A 42 B
64 B 48ms
48ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 262 KB
81 KB 132ms
17ms Script
application/javascript 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 08:22:46 GMT
server: Apache
etag: "1481c32-41771-5c7110f340cdf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
content-type: application/javascript
cache-control: max-age=41825
accept-ranges: bytes
content-length: 82748
x-xss-protection: 1; mode=block
expires: Sat, 31 Dec 2022 20:58:34 GMT

GET
H2 200 / Show response
csync.smilewanted.com/ 6 KB
2 KB 45ms
30ms Script
application/javascript 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84da8714ed2dc7517b5f011504350ec999762f66d7a4bb7ea5f1a7aaa1226ccb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
cf-ray: 7821f1ff6cb6927d-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 eyJpdSI6IjY5OGFiMjQxMjg0OTg5MTFmODI0ZWE4YTk5NjZmMGY3YzQwNDJmOTg2MjA3N2E3Yjk5NWNmYTJiNDgzOTBkNGMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 15 KB
15 KB 166ms
18ms Image
image/webp 23.203.125.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjY5OGFiMjQxMjg0OTg5MTFmODI0ZWE4YTk5NjZmMGY3YzQwNDJmOTg2MjA3N2E3Yjk5NWNmYTJiNDgzOTBkNGMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 75b18148f54ba541195c7292613bb2a228d482099ba946396d295a698c0c4c92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
last-modified: Sat, 17 Dec 2022 10:56:12 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2284639
access-control-allow-credentials: false
x-traceid: 47f6a6c3459b695c90bd32c53421070f
timing-allow-origin: *, *
content-length: 15014

GET
H2 200 eyJpdSI6IjEwOTI1M2ZjYTAxNGJmODcxYzgzYzc5YjU4OTRjYjVkMDRlOTRjMWRlYTNkNWQwZmY5MjBiZjBiNzk1NjQ1YTMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 5 KB
5 KB 163ms
16ms Image
image/webp 23.203.125.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjEwOTI1M2ZjYTAxNGJmODcxYzgzYzc5YjU4OTRjYjVkMDRlOTRjMWRlYTNkNWQwZmY5MjBiZjBiNzk1NjQ1YTMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1c73ba510f28c9dfed23ac8d43c5d57385efb038665ff782e0a68ce28cb0e378

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
last-modified: Fri, 16 Dec 2022 05:54:30 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2118801
access-control-allow-credentials: false
x-traceid: e1add784e8ae60ef131d0cde8b8ed5ec
timing-allow-origin: *, *
content-length: 5102

GET
H3 200 container.html Show response
f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 48C0 6 KB
3 KB 11ms
10ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:28 GMT
expires: Sun, 31 Dec 2023 09:21:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 71B6 6 KB
3 KB 11ms
10ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:28 GMT
expires: Sun, 31 Dec 2023 09:21:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2F1A 6 KB
3 KB 24ms
23ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:28 GMT
expires: Sun, 31 Dec 2023 09:21:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7764 6 KB
3 KB 11ms
11ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:28 GMT
expires: Sun, 31 Dec 2023 09:21:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4278290951424718962/ Frame 83C1 7 KB
3 KB 63ms
20ms Document
text/html 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4278290951424718962/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db2beb62b3867decc33a111d4c78cbe1cf3ea8083c27df05005846b1c4250673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 467002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2596
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Dec 2022 23:38:07 GMT
expires: Mon, 25 Dec 2023 23:38:07 GMT
last-modified: Thu, 22 Dec 2022 12:57:36 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F74A 0
0 146ms
66ms Fetch
image/gif 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss2YcxpDW75yo-oPlfhgEOD9FMh-2Si8p83lmpHH0qeDBpHcbZwd6sFTtAargb8UuLGe_LdoKXTH0kaFf9IVucOGAyjUiL44BF2UlTsLmvmHXLppE9YVAs35MGwjL4qXdlKGe9PuZ4bp9AgYJWqOXx1X4lKaScVpFTS9q0ys6NZ-UGdzdb9Mv6BIU-e6gwKSZbDOfigq2OFwdVZv_Cabr3m_72nFjQXGU42c9OLu5G-OoyjweRglEyKKYA-5VPh-JHszfrRjFc_B0Hp5qEY9qGwtoqyCZHGnezN99TlTQ2QgY739-kYKhWmdDaIqXV0Owmubsy9ykvc1aio_1gmzNV6gAKF58X1KPJIDUAFz3fXm22aKyine1OetEDqrN_aojjnXuCw31Xp2QmmT6eSCLW77B8rZ-yoI9ItnZhbsug5bObZYqPyC2tg84Kw6mWmP-RaPaUK-JDzgP72LFYjYpURWsbpISteXw_sOEX6SVbMopse0HV7OSmPQ87q5cvHC0SN03nsd7rNcPesXav-Su3_Wsm7lmtlOLjXOeBGWKsmCeuAJymc04xiP7IQi_k5lqqSojT0by9XeeIgfkMx_H1qfCoUoYliqThCO_9XAlm1yXPdRfszK0qRQWOqMOo_7sBlKIdgA96F4gfan47qe36OCjOeyKnHPdPJqnZefTiPk0XfDApIEYG6sGKXl_1TJ1JSQzjBLB-A7B_k6AkVZJR3jz7tVUxkMnQQAxPqpERR6QEWCjipFMhr0JA7d2mNhsfIUMb69trJaHX9HbvG1UJmhoYiLtJqfgXugwkforSDKzL1Pie0RcLY_uRUydRIWtyAgFWEcVi-LHS_hfU5RhoOhuto_jDWnX-MhccA9xwaXwLpWCb7mdTzvSu4_igRy6WGVilo3zjb6H5W0gtM9UM9vYr1mOpdBJCDThqgYPF1_JTqdr1PqQOeFcGgeNQV8CEflVwDzPUepjuc0mlSKcuzBBRqD5MhOguP7nAFjPvvnEE-LtMiWdEsOTziInpsi2l48CU-AUMM_Tl21I7qT6-DvQC_3j6MuYHofN602md-6vuHjIkPObYd6QB7MAlxMXaFyqF3OSf6Pb4UT44jx8bu2mZZzz4f2zoE1QXPofNw0_-jkG1K1gD8aKoeAF6_nWVUqmLXfMEh_IfMGpJ2zMQwpARyVj1CaGva2_vC0v93JuYJBjbMhwCtPxSGB0KTxCLd0fQCqniEoRWR&sai=AMfl-YRVLFqb7MwlfxSeR8oMY_dcd53h-og_XYyrJlqiNkXvwaE0dXNh-VkJc5oGe6_Cxmm9LAs9xgiIxvzBvbdCEUwQwggzppbVA0Sm1B2NBByyLf2mh_3JmpDGBjLHMj-afQq3aQd0plK8nUXkctGhtu9Kfkbl70Doi9FSLwIxA--rWNc2OVZf_vKcak9Da6JyOf22ncovyFsDupgQt9w8r8oUuy5DZ9rNEGj2YCE42BpRjDR6GybX_LjndIMggjXDtPn8xeyWedxVDg&sig=Cg0ArKJSzDZdAr6JyRH2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=293&cbvp=1&cstd=288&cisv=r20221207.49466&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 31 Dec 2022 09:21:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 31 Dec 2022 09:21:29 GMT

GET
H/1.1

206
Partial Content

43
r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame DD0E
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,ita...

4 MB
0

105ms
9ms

Media
video/mp4

2a00:1450:4001:19::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6B47EFBA9FCEF920E3783AE78EA1744651658826.52E81623F810BB567F922A8A883824B76F3111EA/key/cms1/cms_redirect/yes/mh/FW/mip/2a01:4a0:2b::7/mm/42/mn/sn-4g5ednds/ms/onc/mt/1672478119/mv/u/mvi/4/pl/43?cpn=R7lknflbYZG_HAZJ&file=file.mp4

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

HTTP/1.1

Server

2a00:1450:4001:19::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 09:21:29 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Aug 2022 08:21:41 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-3976059/3976060
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3976060
Expires: Sat, 31 Dec 2022 09:21:29 GMT

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6B47EFBA9FCEF920E3783AE78EA1744651658826.52E81623F810BB567F922A8A883824B76F3111EA/key/cms1/cms_redirect/yes/mh/FW/mip/2a01:4a0:2b::7/mm/42/mn/sn-4g5ednds/ms/onc/mt/1672478119/mv/u/mvi/4/pl/43?cpn=R7lknflbYZG_HAZJ&file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 669
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F74A 41 KB
15 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 14:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241474
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 14:16:55 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0B5E 1 KB
643 B 28ms
22ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 01 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F74A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e98624ef62f40274f2f655227d44d7a44ccbda4fc7d80f121bf977631c75b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sourcesanspro-400.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 6D5A 2 KB
854 B 20ms
19ms Stylesheet
text/css 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:04 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e0-8a8"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Dec 2023 09:21:29 GMT

GET
H2 200 sourcesanspro-700.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 6D5A 2 KB
854 B 19ms
18ms Stylesheet
text/css 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

50d455c07f26ae94481e9cb2dd5129a6d0127a650d4e3609370d247b53e4f814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:06 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e2-8a8"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Dec 2023 09:21:29 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6D5A 12 KB
6 KB 29ms
29ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Dec 2023 09:21:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D5A 16 KB
16 KB 99ms
34ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=96&m=0&partner=8721&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F151110%2Fb36c36e292dd46478a893899a4e21a5f_breuninger_de_all.png&v=3&w=596&s=PL9PlgJSg6iS1PHrAtgaT3xn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

edd8294cb985348dbc46899b965bd2b60cbe5f360c7e751f96503f6f83684960

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30737055
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16557
expires: Fri, 22 Dec 2023 03:25:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D5A 4 KB
4 KB 100ms
35ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Ftradebyte%2F02%2Fmedia%2F2549%2F167509-62ebefcdcb7e6.jpg&v=3&w=400&s=_EPxwKcHEoJJIVX1e18mMdW5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

41ea67e6a6dc723f1f4d267aeb1ea9283bb4a18190e39c1f59b78ee9a36c4184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=14332
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3852
expires: Sat, 31 Dec 2022 13:20:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D5A 11 KB
11 KB 121ms
56ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F11%2F100131700315000_0_1668763041288.jpg&v=3&w=400&s=sMLlpPvCOsdv22JfV5rCXXA9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

9e8043dbd1c9027be9c64becf4df031b074c1d771463d5c4dfe2886017d48c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=7536308
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11118
expires: Tue, 28 Mar 2023 14:46:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D5A 7 KB
7 KB 100ms
36ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F12%2F100137485816000_0_1670858322088.jpg&v=3&w=400&s=KjPLkV0AqparozZWOYNyffC8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d9f379fcf6ad94736b47c786d09381386d7ac4b52bda2b5e10710ee2097e946d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=6178726
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6850
expires: Sun, 12 Mar 2023 21:40:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D5A 5 KB
6 KB 100ms
36ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F8%2F100135834613000_0_1660902425555.jpg&v=3&w=400&s=m8nVhk0inCjqe4LqKFdxz85O&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

016e581f41313187d93d34e8aa3f57f75692e5184c4770bea78e75fd0b8342c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=6652133
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5440
expires: Sat, 18 Mar 2023 09:10:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D5A 5 KB
6 KB 79ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F5%2F100136191715000_0_1653524557497.jpg&v=3&w=400&s=n7oT6hcv0I2ndHqX1LZqfeG_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

146fd5371c16ec55c85e9053c6a0c38acc5effe5ee9cae931f12e256d9441cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=7251524
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5576
expires: Sat, 25 Mar 2023 07:40:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D5A 4 KB
4 KB 41ms
40ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F7%2F100132042413000_0_1657278912491.jpg&v=3&w=400&s=ucZyxbPvuCY2svM32eUw8HiA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

4d32aaa1913f4676a682cfa7ae75662bb811af61b0af3dd09705301e2eac65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=6160885
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3856
expires: Sun, 12 Mar 2023 16:42:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D5A 4 KB
5 KB 40ms
40ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F5%2F100089936817003_0_1651491267189.jpg&v=3&w=400&s=cYw35yvvOqFR_2Jsiusruhju&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d43721799c131d5eba0cc1fc3ef6ff3a904d789278bc91c3db4ee7ed3f3be1e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=5985566
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4564
expires: Fri, 10 Mar 2023 16:00:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D5A 4 KB
4 KB 41ms
40ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F2%2F100131958119000_0_1644246446553.jpg&v=3&w=400&s=N0qciwtf_4xdVxS-JGhSqUNL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ea2a0a80b745b1872b2f7357d9f763c212e53f30edd6f73ea6047e2da573dea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=5174092
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4172
expires: Wed, 01 Mar 2023 06:36:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6D5A 3 KB
4 KB 40ms
40ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F10%2F100139658716000_0_1666087111030.jpg&v=3&w=400&s=9WlF68u9VwHOLpXE724f0xEc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e85cb7317986158017b6b403246da71023585babda1f7d239e983bdb47ebe5ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=6640201
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3488
expires: Sat, 18 Mar 2023 05:51:31 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6D5A 0
128 B 88ms
21ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=dlT2ZVtLgdakW4f9NPx-eCkxmRILeAC5_ENavHspU-z5xd1B8N9mgFqjxlF2VvBW8m61_jRAOpRyLZ9FUS7FcysrVkGWpBNwvLpvL438zrlBnv1ffc_75HAA4UFRGLdiH3HwmLNp94y5bjPGAnp4ZSHmaN8XEzh2qf89jg-MStmTvA-EO71mQeKyxGUSqOL4tTo5w9sXNJ9AnCU3emUfWHZ1WP5ZYy56n1AU8PpN4NCu1DmWx03QXqiBAsm1FG6mY7BHvQ&sds=2&rev=84145&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 31 Dec 2022 09:21:28 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6D5A 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Dec 2023 09:21:29 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6D5A 2 KB
1 KB 24ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Dec 2023 09:21:29 GMT

GET
H3 200 Responsive_listing.html Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame E1B4 4 KB
1 KB 18ms
16ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 83724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 1157
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 10:06:05 GMT
etag: 11900953634711111692
expires: Sat, 31 Dec 2022 10:06:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 48C0 0
0 56ms
54ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMYHzGP-vY72uO8Ke-wbdiJmIDPGPupRu3N6j8J0Rye3a98QpEAEg0ZPDKmCVkpaCqAegAZfHi9MDyAEJqQIqrM9I-fWxPuACAKgDAcgDywSqBOkBT9BJ5ctKjKeOux3Epizyb5hhORjiaZ-lYp0qFAN3e0O5thyrNmfCLrwro4KabNorrsIKrPGwT3nZ1uDlmhpontWed2Ogp6UNAxzvHY3X58V-7SNS_cpIfy4OgwIlUeXcSguTc5k-OasjUbDrirFr0hycFnWDFoNl8GzR-_GbDSxgMQ62Zd4iyXtg0o1ZXHkzgnp8pK8c6-uQ4-xIzrYoLXQEblBxSbqXvaWmsmFTVXVYu-lAQOELAmMYhjOfnGd1zqYrna2MCApwS1p4HQZXO1oaq-qjr1FYQpWDFk37DTabTkMgZuJV6gXABO30jJzZA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf17sw6qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEIKnWtIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=e-Blwj3K1Zo&uach_m=[UACH]&cid=CAQSPADq26N9q_MG4HbXAKHa33U84Vy569wJQ_AyPVB7joS1PlDZ0qEYqruK4ruAhJ52ves3sYgeghxyO-4IghgBIBM&template_id=494
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 48C0 23 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:29:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 19:29:57 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 71B6 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5hJqGP-vY76uO8Ke-wbdiJmIDMme0rFcvfGU93DAjbcBEAEgAGCVkpaCqAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCKqzPSPn1sT7gAgCoAwGqBPoBT9AHB4UnzmThPEfU1IZmNNuR9svt2rAuGNBnfuEenU0Z-EpgFUEdHFymyJY3PcvxdLU3EcL7H54dUaP0KAycAuxsp1FT25x3SaTRkPtUd7xWYkEWqCvqtUL2sKMYizJs70tN4A66C7Aip6r8BGoSnIFyYm8Dql3oteel0Pmkv0aV7NLY4wmM9LfJOJ7xCJJ1l9P8LaqNnUYT01MGKxXFxRoF1dju6cS6I6SN-8OrkhEOMaW7ctmsDK4Jv8qgI_1IZv1S8kzKxSsrkRcTxVbHZ7RCAuWq23m563ZGYQ60SoQ7_MSX6ZP1QZKk6EJbBSaMVL-iAokFAfsXueAEAYAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ5MTY1OTQ5NjM3MjE3Mhjx5hM&sigh=H4UKVIhfh0c&uach_m=[UACH]&cid=CAQSPADq26N9q_MG4HbXAKHa33U84Vy569wJQ_AyPVB7joS1PlDZ0qEYqruK4ruAhJ52ves3sYgeghxyO-4IghgBIBM
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 71B6 0
0 17ms
17ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k7KVELr5RKwCkAOdg2ICAgAAAI9v_qchM8M6UwfGnGMh-yoQGP-vY4Od56OYs3x0UWIUABIAAA&wp=Y6__GAAO1z4K3s9CAAZEXUg38HQs0OXY5DzqZg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 264315
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame EF39 129 KB
44 KB 101ms
100ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6__GAAO1z4K3s9CAAZEXUg38HQs0OXY5DzqZg&u=%7C6CeYpfQDiXVaHm158a8CwTuND7XEvu7ApyPT2Akn0jI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE2Ymoy5pUNBeUsi2ZDBwRAuwFDisSmqbEy7w3S9SOUjABiSA5fKQMRz6lapYVz9jfjD0mUwOQBtsFJ3weSjHfPV1_NRwjrPuT5S7GziPGqbgitBOkc7-ZSPFGZcdDpMwZMBgXgaDsyJh5u9kIMLssrl6zHdehR_d0vsCM3LmosLk7L0J6FQJm4rX13SObm3mvpNCyDQ3rk3-hA3whxLyYPFSKK6nHQXxv9MQMX_8ip9YEktfl3nkF_e9IHNi5DVqbkmtdkff6ThaGSYwIOFk6sZGY75Xsroi7TblucdaF3slpHIUk89aAY-mM39b0gQP6OY3GN-OmhYgw4WOOpaCAyMj0fzhSx425WQ2eLAPQYj17w99Gcka8yTO_4I2A7gf27rmBcSefnDoVM6CsgKCsdYalUR9Vyv3i85LectRVWnWz2McgeV9zenun05oLb3x5oxbYkS-nN9pHVnGyFBX4S66URzbyCy6GfBK2sqJUESEqXAw2FmIWrhpBUmQDeAlT_1JFvr4jjM5Uh-_ybjR70V0GQrVbIl2tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx0WrGP-vY76uO8Ke-wbdiJmIDMme0rFcvfGU93DAjbcBEAEgAGCVkpaCqAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCKqzPSPn1sT7gAgCoAwGqBP0BT9AHB4UnzmThPEfU1IZmNNuR9svt2rAuGNBnfuEenU0Z-EpgFUEdHFymyJY3PcvxdLU3EcL7H54dUaP0KAycAuxsp1FT25x3SaTRkPtUd7xWYkEWqCvqtUL2sKMYizJs70tN4A66C7Aip6r8BGoSnIFyYm8Dql3oteel0Pmkv0aV7NLY4wmM9LfJOJ7xCJJ1l9P8LaqNnUYT01MGKxXFxRoF1dju6cS6I6SN-8OrkhEOMaW7ctmsDK4Jv8qgI_1IZv1S8kzKxSsrkRcTxVbHZ7RCAuXo2VgrbPnacrEoXifrwWJv4If_95iK8MDvzRsqpgC8LpGAq38EBshscOAEAYAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1t8geqCBwN_TSdWjEJrvCeJqaSWA%26client%3Dca-pub-4491659496372172%26adurl%3D

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0a61eb86849dd5e6c29a08a4f3b1c75ef6ea24461e4f1a7daa623ee4c58badf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:29 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=AaXa81tLgdakW4f998arX7Mq6im5GTT-PciMA-t2bhIJAxPjH7M6NhDwNfSt8QrRFxQG-7gCxN_b5e3LhbSV5NJqUMghswPstSNlSFd11SV2TIuiBOU8nKY8CVDhltPXt3RcehF4-7JPV2kCizf88YFkm0trAJFwRKJAHdbCQmY5XLY4MgRYc6IeUFYylMouzfd2QW7oRg66UZT-vipn-9zXHgOzvqFU8s4p6IDQzVwHPDrLnZH586k3SZ_pnugzKLWukg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 86721522
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 71B6 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:29:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 19:29:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 380C 1 KB
643 B 47ms
22ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 01 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 71B6 18 KB
7 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:30:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 11:30:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 71B6 0
0 41ms
40ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6OHx7JgZLWemj9a2kJHfCngfcSrLfL-AcsY9Il66HLz-DyELlwOn-bloKMRuRvNcv4AGZS5NLwUgifmayHmyJ9_7DnQ
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 71B6 24 KB
6 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 15:15:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 583575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Dec 2023 15:15:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71B6 153 KB
47 KB 65ms
64ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 31 Dec 2022 09:21:29 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4FA4 624 B
242 B 76ms
53ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVhvo0UwYd_1iIDcKlsVqgCBf98N6cGtKLY6mVNSqEoX4rB4P7KIzNnopkfDWlwokX7PV09ompvC1DM7WxR0OpKZb6E1Z-iLsBjezDDvA_GBBn9fPxkjjl6lVeXfoOtyzlIHj6VoeAaC9AOUBtj4p-WRZl7d0kxAaY9z4e7XuUIzfyFakA

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7764 91 KB
36 KB 80ms
63ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHnd83SYbCp0935BEsO1leh427h93s9vR-loEhITISBr-foRk50rW8ve5door1AbMQd676kvDjd6iAypcM8_R5HuBUNPZRSeDc56HLWFrKACOqYocJKQfpKNqtWEdhP72f_jxF_WmBYoC_nzRZP32m7VbpBdLPNqXcanAiDJOJn8eWZqw&dbm_d=AKAmf-DckH5HZf55fRzF6xea1gGjAGyq3m9KINUVBPpPiZy4T5PNbfeTIZ-5HYno74cXCGGVUiXNlnKvoOwg3kjvGJBsFA2sVeNOtr1StiqYGhyKLE5hJgbibnzPBBH17TfhKSE3QvmBTVZUXXb1c06nayU-EbAhO19mRCD0UuPFKokgGOKSe0L59XhQF53OGJRxSXOfLhcFucvlJ-K2FiWgykBzMPWApiWG0eT44GBWCR1yKANVFo23lzW3UC8tgrhH6EMcQptQ6BSm7YkYRSmkjbbaYugHwq0TvlZVDfPwbGhHcewABgGyS0mlBzFwu7x5tXnnFH44L-oWvgbVNS7pcVeP3IuzDrALCqm2eNoBoE0AapJiX0ijvrmsQi_c8SudxH-OQIO-5LGSOGaalAwpgZ7ntmUklc8nUGv_ifdL7bXnyQ7pelI5eaVbajt7EoHnkMelSioCOUfdxLXHj51LoOORa9oWfyfYd7rLzwXjuexbG3PzeiueDfuk4oucTZkZxQxr2cCUjJk7tgFaJ0wy_qKKkY9bt_IFT8NE7N7N18w1ITCFyGWHsI74Wy0M9vZjx1fr496JPzbNsv_iPVzikkcEtIUnMYEuENFlTAmBomQ2HrGR_R9Tbh7t3zOR7ncI63Qv7afk7dX4Kpn-xthNxtvFbuc98JlBAlzVylQ8K8d_zfJqBhfOu2NLGKoBGUftQVPJYZL5V7bVERKSu3jf2CKUVwrzYWdSZqDX5jy-x1zuJVStNB0tz0YmYfnmXoktQYf_j8Y8YiCMWCb1kXmc0wF5p3KG6ZRKNJZExSVkThQC4E0nuxhQJx7Er8TvQUrZBawQVDznCcLPFIc7r48UhNbT8I5lDNbZjkIg9EnISRR-ZUmYbpFIIfPxanX25ev2ZIaQBwkxNYjps9H9Xzlfk0IO_aHdSjaA0fDzymxw0371N4Lty6qombJoUHrmenkjKIar04WIRFOCkib8qDUcd3jKryAK-GQlJgbYaP8sWyEYIpdsaOxIXMWHTvCbxUXZZycIFMfGjLlzSnJuYr_kMCqayTejIBzQvbVHwLnoZa3gMNsNgmpfPPAoTFeRTGu34544oHuX9BG3qPxjHXQpbISFO3_MMJi9V4ZkGj2fTatK-Rv9iDcUhl1Y3v9uaMr48TQPW0EGNSmTm1ID6uigM4pA9uH4eh5q38eIGYW_UL8t7cTCHEYs-3_yGuVeI11OeX2aw7oM8YuCm6-Gyz0X5H-WCnekXkKZ6tFXSt_hROB8UqolUoeRBkmFH23Yjn3es-sMBHjIVHrdK4hlaXj_Ivmag59PSueepJpMx1u6WeawhPFk0RtoJlHP8aKwRIaVlcoHi-raV73gHbdCPM0fFCGswSYF05S6AhLMAy3CTUBlT01RlC6VlJN9RpfaBMx0XdzGnyzkWQlCKP_leEd1kIfTO599ekGekZopNc5LS1YnqI04_k-OENGd6fovUSGxju453m819ameEhpyh7zIx1M8xMfYHFnA7CGqcf5q9WzFF-Coxpv0cfKRUQcldCayC2LI2S3e9Zm_Z7_YRZNSOvxvfo2iPbyJsL_Gv9kxze3vhvXaAjAYD9PX9WiXtn4LJQJs8MeyLzO2iz-8P_hLJZdsXp0dkrs4T3i-_sSSpnGpy7nYT7sJ-86fKA3gbJxK0ZWQhVLv6Wlr5GXw9E3Qat-GZEmCl-9XOKzLdopZglXmacBixYYfki5RC9CJuwRQ0wpZy6ihzKsP6LDhQtNlKg9GvTGIC6cEFYo7GWwmdcMn31GmD8QunmFwkGR2PYoyZVTs3wzwdmsi89Cck2pQxzL1_Ku3Mz4HKOLLe_xHkMjQJTeai3f3QwYG9mAoRAKpWttzTdDyGRxZzp-dIA1elBd2GcHG3R-GwAHYbyIHrjNVpqTgKH-Dm2Hn43paDO9fYENOtfGM43iNzo62ixLf5xhMjCcUocZ7T06I-lEl5gtGCM6jw2wlKJKT6pNc1zcYVRNGSlzAXGSPbYtx3IFsFVxh-FUAgNdiIiiRcUl-IJi7VLsZOYY0lRjq8fIpJAzfrJZQ8iGOwGl9vUXvbToq2clb8uPxbQCSqg5HL35VQ1JE6jckG48EsKN_LR_w9nM2lZ6TE3pHBMmJekxoym_raMoqsGA0hurF24cFf4CZBQKnTQNooR4F-F5LVTbnehTOIjvkSpTCF5gB417bULKSQ8h6E8I25O-KGGtCay8Bx5EhpbLoh2RfmXzC_TSspv2XDgUEzMThkb_sHe1ZFME997t6enS_5CRttMzZwpH0oZa8URl4xpngasPBCJyhfiYlcMe_9YnBFGHnqsJtrThGO6uxUYY8D16G8gVaalaET7oeCCMsYDul3B2aSafv_V0yo-ojgqpANfhFvImNP_Jhvzv9I5ue8STz-DOtMtEeAAHINJCoZdalayABRA92J-2JpgAUnD8fuifPUypOnB_fAiVot5vduha3jEaZ56Re9Ew6NR7bgHT2bYpnrNsWtjlJNkCjki2mPfzpgCe3414SbQKhp2NgTgvY8y0norTEpxTgoHaTtnVIwq-oQqlqfANGIXMTRdo5-b5FzoBdh4ZZrYwfzRNE6o3Gtf0IFG6pE4oM27clfptdxQxXff25xjFBtu_xKBkIq_37cvIaHs1YJUrpETQzEQGlX71d5OBVOxCmXJSicVVwyjRa0iH12EsQX3ySzLP913ZLjlU4bLzigiPpo9XZAMXz3pjdlLCnezf5NOAgOlhj4g5GzNx3zV2iNreOcj3j64awUpzbJ-EVd9ZiNShS7J5iOjrOL7NuQgGCEiPI2Ben6NIeyh2cvHlY3N7d0GLLKRfEWvYeHWGo3pSr-VF2GjbM9VyI1B-7s_k-8Z7Y5Yv2hz1TNTqIKbR4y7k-sNN8ODIcmzvjZFkpuhsACLg1yLPooLvAPooy28nNMRVBlmCMDyZ6qVvP8C3xJVU_JX_ljV7jVklk6nGKnKcZ3FPJgsC6721Bv7NS4ZaDhT0KvAexHDVDZTGj0QlIYmTudyVr1AmGeNoC_ZIaOl3YTz1m1OEXJhFj5i53-UzZqYNFRoc2WmhhZxK_Wk__qcfvmk4TPNY1KOlEx0CuGTErtoGt0W4Wfw_syUTIV0hWqhQpROknSOtbrFEN4HN22dWzXzOwYXWDNiT9ACXRkeT7TYJNBro8RPn8KSZe8-jiM32BWRdI2WVFFtUY0uq3ZzsWZZm24Ex6_YaFat73HDEeoKRMc3Xc7OwDI1vl2Xfky6228ZodDxoAaC5ieKAXf_rCm9nQfmkKjMZfT2OZY6dbFZAHZEITOw7Bvt9_oT5wlOjNPRL9sXsnJbe-8bhJKZNpEQ6Tk65Uy84ADifmaPUH6qzgoA2d1OIDho_4b1WfAzGia3LTNIDdGT4o_6Q-1Uf7SWb1Gpbm0w7_yAK8F9cdxnk5aFLSkoVaGHZhkRTO73S_K4MzqSy477lfgrUeWicN6100iKyClhY5XVB1xfUNpW1T-lH3Dexmyp4Mga44KRjUWjvhHlUdY4KMQWa89igZ_74L2c4tGgMfePp1FwzGDQB5T3OFinxnd7rZZS8nEkpcYNoHVLG8NbrpT5OQhIuY4rVO&cid=CAQSPADq26N9q_MG4HbXAKHa33U84Vy569wJQ_AyPVB7joS1PlDZ0qEYqruK4ruAhJ52ves3sYgeghxyO-4IghgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4833c04a8ea9d01a962b4ed03a112c2131a7d7f7dbb2edba413f733ffb03ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37021
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7764 42 B
63 B 80ms
63ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CHCbqLe_HuHI6dJGfGD9tQ0wU8wQgTcBMc6kfhaoy3bzX9NJdHs1-NOyLmtqGLZfqSGPQDiDv8FoeQ4hGwp_EIk0oCB3hRhpKgpGmuzHPbnY2j0AA

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7764 3 KB
1 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:29:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 19:29:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7764 18 KB
7 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:30:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 11:30:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7764 0
0 61ms
44ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0xZE_GnModowUFbDG81KwuZlERB-SxmAAOaIBCZ-6Z0bFqHKZga_R1Q4TqOqXYzq-3qnQ3bXk4Hr1wAlB3HG3APjY2g
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7764 153 KB
47 KB 155ms
138ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 31 Dec 2022 09:21:29 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 83EE 624 B
242 B 75ms
54ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNV_IYJDAereZuGqmydxxMT_oReB5AubWotlfcjGn6KGssFW5VdCT4ibPSUJjRcVMgMEtKuqGIXOtqmbB58f56j7JUomIDfzt8FW0Kdzhg8ZV4tFiHn5vPcqAO6xiacoIbbL_iMQSXL1p5VNFXPFNmF9uW-O7e5RKh61si8cyX0YY2JW-ZA

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2F1A 91 KB
36 KB 84ms
67ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CflAbL0qCJSFIhhFyX1_Gl6dJ9wCKnUgdAC1YbhZW8aTzwcNtUyR8MdVTeHt-M6_dtXOaLzWHcTQkCGY_kYP4DWosY310hAUJCOCgFDFoR-qRvVy8XsFFuNGOYdJekcnLdkUfP_dvunsNY_7QM-zPgstwEEBDHykQRF0AFcA4ekuvjFxM&dbm_d=AKAmf-BhElzGXOWGjElvpAt4qF92E_XupBrFXbG5In-Zaa3hUqbTKWS-GGSzMr9k_N7oFHYNtENTNhV1ooiT27yg1oQhAUst2WjVJ1WJO0zQjHV2Z5UhSslyEgHZa5evRKJrta-bx1T5uUd0heVb2RkSMUldX1HhvNT3YBURMWjONvrBLQVu_LOVLc18u8gbij2o4ZXxqGhz_jFXS7SX31Ump8se2i-ijWgp-nD1scBlmaK0hE1vrnm9EyMEKYYnPzxC1a5vi2lEF_W-SlS-_fm9iw0FDJD1llsInkeaq0bEKZ94Dshu4CNAODs7qRa1XwC93tND156VrT9PGuLs7uSfTUhB6PPZKIVkOUHI9NVsAKGg3KBE0AGyVkyyNu5XHGIYNT2d8gkXPMlk75SS9hDy3BrAEjm0KxCGibtXW97Z9UC3s_Wi4JKQPbulCIwv1nZfC-GPq2qLHRDXoi6xMDqe3QgqcFWwUCzxHPKUzOyFaplPeLJRa_cWHZsiMajkxiJTv_91HBx4ZLBDSaSAstbgolmKuvJvHf5fbHn_rKvwTwRtujivI-kMhaU79O_rmDqwqDgfZ5w_DYDvS_4ZqSsxFgLa2GKt9I4R5an_XDqutVheiiqNiXJV4bwpaQSGp6pB9B5n4qndDWVLHAWC1M6xNZ6MWNgiVrdno2n7ZDvL5stN8WwfT8VWkz7RCCNA15VnwJgACj44pJquOVMLxT9blMhOwbRiUz2Fhqawql-TJPHDhHFgUPX_IkWwLgGnSq2I-1_bmT92HdUO0XsrPvYbmms1DUY46CA6VaBWM05GVuID5W-oddhn6r749HFVXa282uK1ZuDLK67VVAPDTqZrIGxBaoT1tnytJe7t-Xh0XH74qnK_fsGn9U9jglLKwfQnT_MvmwlNsiAM_x3JkZZ4-j3N5QuSFnz66ePIhzq1aHbSMOyPXylmU6PcsIxqHZlKlfS-HT51Bjqk1THbDOzsiQJe_c5dNw73qzLVFp-c8xsgkmnx8jq83kMzbo6xSuSyvRyoF9_7BiH0iswAOD-NTvyB__V1CB9IgwYiCj9kIwRWPftams06pBsUD7ALuuLQI82AssXXgvhWatCnkoiu4bj2By0rNwMUAYCSLmdAPj-ZUxdmRqAiZJOnm2fz6OcFWZkHHzB2SKC6Bokz3ulM_V9X5HXIk1K59ICn8dxzyCcTDh5XAM-XBqtGJS44giZHEQvNZqqSBQYNrfX1M7ofdGY7BsCt11rdTkFT5DM37Upccp73qjfAXJwc8pGE3PM92EH-pzs7ADRf02bWP4rJ-Kr_IRiQ6CsZKtciqwM1i4luY952wbSIuJIxyVAfBUeOYX2UvFYm-uuO-UNVCe_dnNGRGhGVyQQfuf_A-4eSs_9nSR0_7BGd1zLsaDn0MLtyor8afuRTFqW3pvTFbMWJ-VjbNJu8_XGbSdoIQ4LJ9-gW7KDQvMJ6tl0Z8GIb5h-YH_fU16YxZSljxtIwvGL6DkESWrUqRwPjn6mw2nnZr8PWodU4hs7O9Mcc74IyWbE4dQDVK7nRBXT9btQ48YDW9sSNQydeHO8mJa62PKZEBt6FuGzn-ZQmZYiEJ61l5SADfsxCp5Ai2cHXsqlyaHl7mux3P7uufv03NWan3E2NGurV13h-Kzo2dieGUMKrSlqbyZclMB-wT6L1r4ov2wAKvmOk6L2HSZO-NB0ipvra1fHNEE48wEtYk1jWzNrr_3o4XMaG-q5YPhRFVaSjmu5QaN8gqa_Ix7Zk0rn5i5xvsBv0RNNvFzyFCcTBBQy5ET9napNjA8kDjWuBJMgrwLgoAwC1HerGSB-CvRg5aImNcIuLhqE_KsuLo7vnEF78Q_DbF84rz_kNl7QDu4pvNsN78fP9HxoNSeOhsw2ciKctfzY_6b5DHAuEjKiyv3kj1TcbsusOOKDXG7KQ16vg7lN_WsrkNuOIt7gVty3uA-YANG2bqFPRXT4MAmFuqiEwnh7hEwdJEN1f0rfOJfC9JE3jOQTOJtNaGVS_o1Tdf7Ressad4Aqbmm_ltOE4Hl5gaA2_DOkBAi3fAG5DBrwY_Ai_YFqxyl3AEzvYrb3nshIKhElDOZaSeleiVcZBLDZBzduBDy8sM-MToOouLGA3u-BUKY2KbLF5jhz5-lbNAIZhdYMJcL1TIRCyLG44qKuLaV1msT7C7nT-IRsApuH_ibupzHkLnckK0UphKUxmnFPOCaoj94eTCf_vcnbyZdBZqjlBGLETrXSoQbOY5EWZV5kHdYsy5mNNlacg2Yv0VAjoYlQ-lndmSLkfPcIJKOREWLGj7EZSOs0Ga68qw7Ct5MyavzEZ79Rjd6zWxo9VEE124j0f7NLlcrXoKUpwaMaj3r2vvMLTOYxTvNtbiPVBCY-3hZK74TSEJy89bBJdpir8JCd7f0kgxrotKxuR7djukq40xvf6oqirtZNwgksUsdjLKxUDmdGy2W7UXmjaBUfH4VNVpe_j1L2i4ezUaftS4eMx8hbhuJ-dSvinSzcS6fsliE_OvpT7jbZb92S5mIIpwq8_Bw2p49qjkZw6PyEOkNDJcyBfoVJyPbEGVvAlfyHqC_VXX0EPpsbGgU2_y-tlMp9jVWjcauMfcdDYzQTQ65hjvjzIWXitOTO-G6taGRZBp31P3TfcNl2cEnNgQrcaYNFreW6TK5GtYuSjWTXw-zxQAzSITuRKbLkLpP1Yly08rhFcsa3oWWNAXCo0uVsUy5ucCrB7cErjM_mWrDBFPS5n_r_1-Kbr_Dp9NybRiaJyNmxRjSDg0-p-f9_pIKOsgLC_E3HXCXW9shsNAmGqudPMzQXP1UWvSnF7g2q6GA4gcF6B8n8IG2mgWFq93quUTajR4OC77rIUbtzfK9EMfIJUm6oeeeXD_bAlBmh-OyuoqUvHkInAMySuA8dUonpjBXgvqnwhkk2m4A6w9SmSh8dLhKN1-pc77Xc8TKMToI4TTGj-JVI1RbyJSXdc9hi-LacqOIuqN3kHeZHxGwqXujoVgKXHzHvr2gnJDdwsWNICS96VHEZS-jwt4wtvMf9k2d_r7K-OWmNphezh_N-xATC_ljBr2kqT6RyPEbbAD2XZ7kETLf5jneX3-V_5j-zIDa3J1bgzdsZy-kiwstMnjk5N4QtJWIbESbrmj_8NXCi5QvXTCrV58sdsyH9hOCkYH7fYJ37NjDJpMerQ6mdWrIlIqRZ9kMIRmpMxC-QYcXEGHgN1hs2eGsXQQtLmm_V6gdNuWX6I7q1_FEBsatkA1ni4BK0JP5dPB5Cn-nMNLwuFAvR4eWoA93LefgeGMIRRfxDM3AVmKxV_luD0RwVPJc9tyBxiyqDWqmkpHHo85upmsaks6a-jiJ2HuNoo__-Qpf5jmFzE99YKDZBKMBTLYEQLKthjBs-dWxzHpu_KVlgEbx6V5-DgjSLiQNH6ESN1o45P5sBEmO4&cid=CAQSPADq26N9q_MG4HbXAKHa33U84Vy569wJQ_AyPVB7joS1PlDZ0qEYqruK4ruAhJ52ves3sYgeghxyO-4IghgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ae9a0e15ad2874595c794eb20de48f03b764f178851c6cde860866b4840fdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37069
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F1A 42 B
63 B 79ms
61ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AtAcPAhFWJw79WCwqcl602sCS1gtpUE5agn_2deR0V15TElVetdGZTq03JPK55i_ooP1WrK8sZ_Ztl1Tnby3_SQ0hCCZRCMJpAk836UGLCTScAyo8

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2F1A 3 KB
1 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:29:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 19:29:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2F1A 18 KB
7 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:30:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 11:30:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2F1A 0
0 60ms
43ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6eNvNyTkF2mJiXJhM23TxsD2s0dWvVX7obUpI3L7V-vEt_LLovzTI2MS7bcg7ysuE_qEQEfGwMT0qOf0_5_dDz9VmgQ
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F1A 153 KB
47 KB 155ms
139ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 31 Dec 2022 09:21:29 GMT

GET
H3 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 83C1 186 KB
48 KB 72ms
61ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4278290951424718962/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4278290951424718962/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 09:21:29 GMT

GET
H3 200 4251983_FP_Sommer_2023_Ver-B_728x90_DE.js Show response
s0.2mdn.net/sadbundle/4278290951424718962/ Frame 83C1 48 KB
11 KB 31ms
20ms Script
application/x-javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4278290951424718962/4251983_FP_Sommer_2023_Ver-B_728x90_DE.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4278290951424718962/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1d498ffc7da424afbf48d321ddacb7adc20a4e4c5e94545fd1da5ff73196b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4278290951424718962/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 23:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10873
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 12:57:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Dec 2023 23:38:07 GMT

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 11ms
8ms Image
image/png 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1662969049.940408"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Mon, 30 Jan 2023 09:21:29 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 4 B
332 B 87ms
87ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=70b9ce2faa78f9abe93b88461d5c6aa0_1769_1672478489387&tm=1779&eT=0&widgetWidth=864&widgetHeight=259&widgetX=536&widgetY=5269&wRV=201010&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=586&oo=true&lo=568&odbreq=2349&odbres=2934&mvreq=2349&mvres=2934&cet=4g&to=1672478486811&umv=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 31 Dec 2022 09:21:29 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: f4c66d08fc98352b085cecdec8576aa8
Content-Length: 4
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 138 KB
34 KB 1107ms
1107ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=3&rand=60842&key=NANOWDGT01&widgetJSId=HPC&va=true&et=true&format=html&t=YzM1ZGI1YzMwMDZlYmQwYzRjMDdiMWRjNDZmNDFhMTM=&adblck=false&abwl=false&px=537&py=12287&vpd=11087&cw=863&activeTab=true&darkMode=false&ab=0&wl=0&umv=1&settings=true&recs=true&version=201010&sig=gBsVzksV&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 19b39bc58a3ddd95aa40b2140230e0d6869167476a33c49ac13ba8e7dd983355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sat, 31 Dec 2022 09:21:30 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, VIE, Europe1
x-timer: S1672478490.760952,VS0,VE1091
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21944-LGA, cache-vie6379-VIE
x-traceid: f41acd6300365c2425ef13490bfa9079
accept-ranges: bytes
content-length: 34269
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 Configurable_01_122.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E1B4 74 KB
26 KB 15ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 09:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84646
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26222
x-xss-protection: 0
server: cafe
etag: 15511454539072389427
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 31 Dec 2022 09:50:43 GMT

GET
H3 200 Responsive_listing.js Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame E1B4 199 KB
68 KB 20ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 08:28:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69148
x-xss-protection: 0
server: cafe
etag: 5199203132765013944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 01 Jan 2023 08:28:38 GMT

GET
H3 200 Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame E1B4 11 KB
2 KB 17ms
10ms Stylesheet
text/css 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 17:13:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1758
x-xss-protection: 0
server: cafe
etag: 15825927903621683888
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 31 Dec 2022 17:13:58 GMT

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ 48 KB
12 KB 37ms
18ms Script
application/javascript 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 3086274
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7821f201681c927d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 743A 0
17 B 46ms
28ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lcbqidkt&c=1201159005279&slotId=600579502639.5&qqid=CP625PHDo_wCFZP2EQgdANwMUg&fb=ima_html5-lima&sdkv=h.3.549.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&gpm_i=11&gpm_c=11&gpm_a=10&smb=1000&br=864&mt=video%2Fmp4&vs=640x360&webm=0&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 83EF 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 241474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 14:16:55 GMT
expires: Thu, 28 Dec 2023 14:16:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0B5E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAWeuTem0gSDTumcaxvsVA4&google_cver=1&google_push=AavPq0P5jtCcEa58sx8OR89cq4_aYikO63o472dX9Sc2xa2wIAKWeOrXmVXxWYhfmVfsb1nPOJ6Xq6lKauGKR5I7m9YhVjv7-_LD
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjcwODA0MzEzMzIxODU4MDc1Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOw1FjtaC3UOM6ufysdi8Kg&google_cver=1

43 B
398 B

21ms
21ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOw1FjtaC3UOM6ufysdi8Kg&google_cver=1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOw1FjtaC3UOM6ufysdi8Kg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B5E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEA9JskbDPSbG7i-D-7nse2s&google_cver=1&google_push=AavPq0NWBkUp4sXE5fux0MlUW3HRuPqpxawuDq3eqkkvoVJqKNqfqFexuSmAdwCJtGmZp2sl7-xUk-GJScT7L6mue7oCNi4LTF4
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E7A2B62F53D146028BC9E6C1F559061C&google_push=AavPq0NWBkUp4sXE5fux0MlUW3HRuPqpxawuDq3eqkkvoVJqKNqfqFexuSmAdwCJtGmZp2sl7-xUk-GJScT7L6m...

170 B
188 B

44ms
43ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E7A2B62F53D146028BC9E6C1F559061C&google_push=AavPq0NWBkUp4sXE5fux0MlUW3HRuPqpxawuDq3eqkkvoVJqKNqfqFexuSmAdwCJtGmZp2sl7-xUk-GJScT7L6mue7oCNi4LTF4

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E7A2B62F53D146028BC9E6C1F559061C&google_push=AavPq0NWBkUp4sXE5fux0MlUW3HRuPqpxawuDq3eqkkvoVJqKNqfqFexuSmAdwCJtGmZp2sl7-xUk-GJScT7L6mue7oCNi4LTF4
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 30 Dec 2022 09:21:29 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 0B5E 0
174 B 106ms
27ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOirV1dxa41kRhWQPrzG628&google_cver=1&google_push=AavPq0Pg-O0VJTEl9nYiDQx0annLEiSFW636wtxSjUGaBN3ksmcPRiONxYcMZnflgMkg2Gcf-xFnhWbPXL-4-xUJ2DuFCFj6bCtN
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B5E
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESED3knne6YluPHHPPb7ZbXrU&google_cver=1&google_push=AavPq0N-OdqNQNBmoyzGUTqQFhe4yONQsNDS-CrHmJT9_RZcCst4EWPUh_qLA4tLeWe4idKQMoaZELxxo86-XyQilcZO...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f77c74e6-1d71-4f99-9882-c848f64a9683&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0N-OdqNQNBmoyzGUTqQFhe4yONQsNDS-CrHmJT9_RZcCst4EWPUh_qLA4tLeWe4idKQMoaZELxxo86-XyQilcZOuUn0CcIN&google_hm=DxBa-yCSQrSjJowYLnwm1w==

170 B
188 B

45ms
45ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0N-OdqNQNBmoyzGUTqQFhe4yONQsNDS-CrHmJT9_RZcCst4EWPUh_qLA4tLeWe4idKQMoaZELxxo86-XyQilcZOuUn0CcIN&google_hm=DxBa-yCSQrSjJowYLnwm1w==

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AavPq0N-OdqNQNBmoyzGUTqQFhe4yONQsNDS-CrHmJT9_RZcCst4EWPUh_qLA4tLeWe4idKQMoaZELxxo86-XyQilcZOuUn0CcIN&google_hm=DxBa-yCSQrSjJowYLnwm1w==
date: Sat, 31 Dec 2022 09:21:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B5E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHOV_y6wakBZm4zSogVorL8&google_cver=1&google_push=AavPq0OuDTCIIRSzLw4A_7VQHmf5xajB4o8mJy2nyCQ7PR51ZJYnLCrvpQhMajGKoiPHYwvg4du5QUsF...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE3NzMyMjIyMjU1NTkxNDY1NA&google_push=AavPq0OuDTCIIRSzLw4A_7VQHmf5xajB4o8mJy2nyCQ7PR51ZJYnLCrvpQhMajGKoiPHYwvg4du5QU...

170 B
188 B

90ms
89ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE3NzMyMjIyMjU1NTkxNDY1NA&google_push=AavPq0OuDTCIIRSzLw4A_7VQHmf5xajB4o8mJy2nyCQ7PR51ZJYnLCrvpQhMajGKoiPHYwvg4du5QUsFhHpA7FR8AAy1vymSaMqW

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE3NzMyMjIyMjU1NTkxNDY1NA&google_push=AavPq0OuDTCIIRSzLw4A_7VQHmf5xajB4o8mJy2nyCQ7PR51ZJYnLCrvpQhMajGKoiPHYwvg4du5QUsFhHpA7FR8AAy1vymSaMqW
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 0B5E 0
75 B 214ms
21ms Image
text/plain 185.86.137.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPAKyGR2Pl1HzEwa5DDNQ24&google_cver=1&google_push=AavPq0PUzWRZJ9dC7WUSLIUG6nmJIWiUU_oRmejyJ2EKvlrYU_M8TgvN-lkaYb4ehfMqIalkVX_z2XuykBdiIqx3vRKdu8Jm0oE
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B5E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEC5FKZut4iTpSV4HWLC_J0I&google_cver=1&google_push=AavPq0PMbUoXKmrvYK9orzoltrsNYge4Xj95rGDCI1j9FfA7R2S5qq-iTNXl-tks-u8MzItgDs...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HcmZHZ0JwRTJ1Ry50X3JXZ09taEl2Sld6bGRvUkJuX35B&google_push=AavPq0PMbUoXKmrvYK9orzoltrsNYge4Xj95rGDCI1j9FfA7R2S5qq-iT...

170 B
188 B

60ms
56ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HcmZHZ0JwRTJ1Ry50X3JXZ09taEl2Sld6bGRvUkJuX35B&google_push=AavPq0PMbUoXKmrvYK9orzoltrsNYge4Xj95rGDCI1j9FfA7R2S5qq-iTNXl-tks-u8MzItgDsoK9cIL8WmuB4ig-CqKjw2CL7_5

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HcmZHZ0JwRTJ1Ry50X3JXZ09taEl2Sld6bGRvUkJuX35B&google_push=AavPq0PMbUoXKmrvYK9orzoltrsNYge4Xj95rGDCI1j9FfA7R2S5qq-iTNXl-tks-u8MzItgDsoK9cIL8WmuB4ig-CqKjw2CL7_5
date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0B5E 0
12 B 45ms
44ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K0F6HD8q-OU9RwagZSfPTkDY_Z07vH85URHivyulV1080rgRPrJvULJaax4ODVyPVRzN7sIg

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sourcesanspro-400-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 6D5A 13 KB
13 KB 86ms
39ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1df-32ec"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Dec 2023 09:21:29 GMT

GET
H2 200 sourcesanspro-700-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 6D5A 13 KB
13 KB 85ms
40ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

43e7c5032ef551716251cd76d2d271ff8a66bda855fbf366d176e1629f33f8e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e1-327c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Dec 2023 09:21:29 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4FA4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFN3SBMHXy1Go1cRphCLJsY&google_cver=1

43 B
766 B

17ms
14ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFN3SBMHXy1Go1cRphCLJsY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVhvo0UwYd_1iIDcKlsVqgCBf98N6cGtKLY6mVNSqEoX4rB4P7KIzNnopkfDWlwokX7PV09ompvC1DM7WxR0OpKZb6E1Z-iLsBjezDDvA_GBBn9fPxkjjl6lVeXfoOtyzlIHj6VoeAaC9AOUBtj4p-WRZl7d0kxAaY9z4e7XuUIzfyFakA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Dec 2022 09:21:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFN3SBMHXy1Go1cRphCLJsY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4FA4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6--GX4k0RL85DpHIYUDBgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFN3SBMHXy1Go1cRphCLJsY&google_cver=1

43 B
766 B

11ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFN3SBMHXy1Go1cRphCLJsY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVhvo0UwYd_1iIDcKlsVqgCBf98N6cGtKLY6mVNSqEoX4rB4P7KIzNnopkfDWlwokX7PV09ompvC1DM7WxR0OpKZb6E1Z-iLsBjezDDvA_GBBn9fPxkjjl6lVeXfoOtyzlIHj6VoeAaC9AOUBtj4p-WRZl7d0kxAaY9z4e7XuUIzfyFakA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Dec 2022 09:21:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFN3SBMHXy1Go1cRphCLJsY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4FA4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAZa-qeTP2hos7FLc15OPH0&google_cver=1

43 B
1 KB

64ms
63ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAZa-qeTP2hos7FLc15OPH0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNVhvo0UwYd_1iIDcKlsVqgCBf98N6cGtKLY6mVNSqEoX4rB4P7KIzNnopkfDWlwokX7PV09ompvC1DM7WxR0OpKZb6E1Z-iLsBjezDDvA_GBBn9fPxkjjl6lVeXfoOtyzlIHj6VoeAaC9AOUBtj4p-WRZl7d0kxAaY9z4e7XuUIzfyFakA

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Dec 2022 09:21:30 GMT
AN-X-Request-Uuid: 528ad4ee-8050-4772-ac89-9652bff57094
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAZa-qeTP2hos7FLc15OPH0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4FA4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D

170 B
188 B

49ms
48ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 31 Dec 2022 09:21:30 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ed0cea5b-688d-4d6e-afdc-74d73fa8cab6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 83EE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFN3SBMHXy1Go1cRphCLJsY&google_cver=1

43 B
766 B

10ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFN3SBMHXy1Go1cRphCLJsY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNV_IYJDAereZuGqmydxxMT_oReB5AubWotlfcjGn6KGssFW5VdCT4ibPSUJjRcVMgMEtKuqGIXOtqmbB58f56j7JUomIDfzt8FW0Kdzhg8ZV4tFiHn5vPcqAO6xiacoIbbL_iMQSXL1p5VNFXPFNmF9uW-O7e5RKh61si8cyX0YY2JW-ZA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Dec 2022 09:21:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFN3SBMHXy1Go1cRphCLJsY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 83EE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6--GX4k0RL85DpHIYUDBgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFN3SBMHXy1Go1cRphCLJsY&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFN3SBMHXy1Go1cRphCLJsY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNV_IYJDAereZuGqmydxxMT_oReB5AubWotlfcjGn6KGssFW5VdCT4ibPSUJjRcVMgMEtKuqGIXOtqmbB58f56j7JUomIDfzt8FW0Kdzhg8ZV4tFiHn5vPcqAO6xiacoIbbL_iMQSXL1p5VNFXPFNmF9uW-O7e5RKh61si8cyX0YY2JW-ZA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Dec 2022 09:21:30 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFN3SBMHXy1Go1cRphCLJsY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 83EE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAZa-qeTP2hos7FLc15OPH0&google_cver=1

43 B
1 KB

62ms
33ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAZa-qeTP2hos7FLc15OPH0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNV_IYJDAereZuGqmydxxMT_oReB5AubWotlfcjGn6KGssFW5VdCT4ibPSUJjRcVMgMEtKuqGIXOtqmbB58f56j7JUomIDfzt8FW0Kdzhg8ZV4tFiHn5vPcqAO6xiacoIbbL_iMQSXL1p5VNFXPFNmF9uW-O7e5RKh61si8cyX0YY2JW-ZA

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Dec 2022 09:21:30 GMT
AN-X-Request-Uuid: 56afd050-5f60-4281-b338-9e92cd61497d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAZa-qeTP2hos7FLc15OPH0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 83EE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D

170 B
188 B

45ms
45ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 31 Dec 2022 09:21:29 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4696656c-6ca4-40bc-b392-90c02d1f3327
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FF6F 143 B
166 B 18ms
12ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2186
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 08:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 48C0 3 KB
1 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 19:29:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 19:29:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 48C0 18 KB
7 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 11:30:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 11:30:59 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame EF39 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6__GAAO1z4K3s9CAAZEXUg38HQs0OXY5DzqZg&u=%7C6CeYpfQDiXVaHm158a8CwTuND7XEvu7ApyPT2Akn0jI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T1Hl_UF-u9tNjiMRvUnnoE2Ymoy5pUNBeUsi2ZDBwRAuwFDisSmqbEy7w3S9SOUjABiSA5fKQMRz6lapYVz9jfjD0mUwOQBtsFJ3weSjHfPV1_NRwjrPuT5S7GziPGqbgitBOkc7-ZSPFGZcdDpMwZMBgXgaDsyJh5u9kIMLssrl6zHdehR_d0vsCM3LmosLk7L0J6FQJm4rX13SObm3mvpNCyDQ3rk3-hA3whxLyYPFSKK6nHQXxv9MQMX_8ip9YEktfl3nkF_e9IHNi5DVqbkmtdkff6ThaGSYwIOFk6sZGY75Xsroi7TblucdaF3slpHIUk89aAY-mM39b0gQP6OY3GN-OmhYgw4WOOpaCAyMj0fzhSx425WQ2eLAPQYj17w99Gcka8yTO_4I2A7gf27rmBcSefnDoVM6CsgKCsdYalUR9Vyv3i85LectRVWnWz2McgeV9zenun05oLb3x5oxbYkS-nN9pHVnGyFBX4S66URzbyCy6GfBK2sqJUESEqXAw2FmIWrhpBUmQDeAlT_1JFvr4jjM5Uh-_ybjR70V0GQrVbIl2tw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx0WrGP-vY76uO8Ke-wbdiJmIDMme0rFcvfGU93DAjbcBEAEgAGCVkpaCqAeCARdjYS1wdWItNDQ5MTY1OTQ5NjM3MjE3MsgBCakCKqzPSPn1sT7gAgCoAwGqBP0BT9AHB4UnzmThPEfU1IZmNNuR9svt2rAuGNBnfuEenU0Z-EpgFUEdHFymyJY3PcvxdLU3EcL7H54dUaP0KAycAuxsp1FT25x3SaTRkPtUd7xWYkEWqCvqtUL2sKMYizJs70tN4A66C7Aip6r8BGoSnIFyYm8Dql3oteel0Pmkv0aV7NLY4wmM9LfJOJ7xCJJ1l9P8LaqNnUYT01MGKxXFxRoF1dju6cS6I6SN-8OrkhEOMaW7ctmsDK4Jv8qgI_1IZv1S8kzKxSsrkRcTxVbHZ7RCAuXo2VgrbPnacrEoXifrwWJv4If_95iK8MDvzRsqpgC8LpGAq38EBshscOAEAYAGsJqfnOuR9LezAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1t8geqCBwN_TSdWjEJrvCeJqaSWA%26client%3Dca-pub-4491659496372172%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Dec 2023 09:21:29 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame EF39 2 KB
1 KB 19ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Dec 2023 09:21:29 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame EF39 308 B
636 B 21ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 26 Dec 2023 09:21:29 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame EF39 293 B
621 B 28ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 26 Dec 2023 09:21:29 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame EF39 43 B
347 B 24ms
19ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=65YW-mWdd-aiho5unzzSitl4fPHkmwi-jrt8ozXpz6QQKo15xX3lQuwQCF4benlew848t_O6ryEzGeHf_BhKooV1Yyk_NVJeIkdvpEEwidpsHSzOADNzvUfJgYt6KZT6AXOIaxeL_4LUD2phfBBTE5rKQ-yzxndWGrCr41RzMxwbS-ZUZq1TzP4sBX9UwxV_C37eNIXY43ntDVvDduT50PmL26AK33U_u24yX8nmzZiZWQHigsNeFcYZrs5QVF3W924FBLSWeYto0ojHzuxZIA47AR1h3Bk_RFGpZs4-5UUeCGlGhWDocNm3krZgMdasbmjHxEjg0TzKFlS9dIaAMs870heUNwRN7yRC2_1u56i1A_BBeFfwedZOIXXDGe9hDrEYOHNGpysDVJTJBMgCBhanLDltA382xbO4m2s2pGeptQoR

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3752471
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame EF39 43 B
1 KB 84ms
30ms Image
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=15&extPu=13929-criteo&extLi=264882&consent_string=&iab=1&rnd=63afff18a7d498abecb2584bb81a1454

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Sat, 31 Dec 2022 09:21:29 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Sa, 31 Dez 2022 09:21:30 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://ads.eu.criteo.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1051
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1245572/log/3/ 0
247 B 158ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1245572/log/3/unip?en=pre_d_eng_tb&tos=1631&scd=9&ssd=1&est=1672478488269&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1672478489901&vi=1672478488266&ri=92aeb478625cca712a4fbb72060db785&ref=null&cv=20221227-23-RELEASE&item-url=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://www.walla.co.il
pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame 7764 242 KB
73 KB 219ms
66ms Script
application/javascript 54.217.61.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.61.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-61-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 69d1298df9f17be4ddf9970ed9aa2adfd0396e7beca2d828c27dd96520390657

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 7764 106 KB
37 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Origin: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 21:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42473
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 21:33:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 7764 8 KB
3 KB 30ms
30ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BHnd83SYbCp0935BEsO1leh427h93s9vR-loEhITISBr-foRk50rW8ve5door1AbMQd676kvDjd6iAypcM8_R5HuBUNPZRSeDc56HLWFrKACOqYocJKQfpKNqtWEdhP72f_jxF_WmBYoC_nzRZP32m7VbpBdLPNqXcanAiDJOJn8eWZqw&dbm_d=AKAmf-DckH5HZf55fRzF6xea1gGjAGyq3m9KINUVBPpPiZy4T5PNbfeTIZ-5HYno74cXCGGVUiXNlnKvoOwg3kjvGJBsFA2sVeNOtr1StiqYGhyKLE5hJgbibnzPBBH17TfhKSE3QvmBTVZUXXb1c06nayU-EbAhO19mRCD0UuPFKokgGOKSe0L59XhQF53OGJRxSXOfLhcFucvlJ-K2FiWgykBzMPWApiWG0eT44GBWCR1yKANVFo23lzW3UC8tgrhH6EMcQptQ6BSm7YkYRSmkjbbaYugHwq0TvlZVDfPwbGhHcewABgGyS0mlBzFwu7x5tXnnFH44L-oWvgbVNS7pcVeP3IuzDrALCqm2eNoBoE0AapJiX0ijvrmsQi_c8SudxH-OQIO-5LGSOGaalAwpgZ7ntmUklc8nUGv_ifdL7bXnyQ7pelI5eaVbajt7EoHnkMelSioCOUfdxLXHj51LoOORa9oWfyfYd7rLzwXjuexbG3PzeiueDfuk4oucTZkZxQxr2cCUjJk7tgFaJ0wy_qKKkY9bt_IFT8NE7N7N18w1ITCFyGWHsI74Wy0M9vZjx1fr496JPzbNsv_iPVzikkcEtIUnMYEuENFlTAmBomQ2HrGR_R9Tbh7t3zOR7ncI63Qv7afk7dX4Kpn-xthNxtvFbuc98JlBAlzVylQ8K8d_zfJqBhfOu2NLGKoBGUftQVPJYZL5V7bVERKSu3jf2CKUVwrzYWdSZqDX5jy-x1zuJVStNB0tz0YmYfnmXoktQYf_j8Y8YiCMWCb1kXmc0wF5p3KG6ZRKNJZExSVkThQC4E0nuxhQJx7Er8TvQUrZBawQVDznCcLPFIc7r48UhNbT8I5lDNbZjkIg9EnISRR-ZUmYbpFIIfPxanX25ev2ZIaQBwkxNYjps9H9Xzlfk0IO_aHdSjaA0fDzymxw0371N4Lty6qombJoUHrmenkjKIar04WIRFOCkib8qDUcd3jKryAK-GQlJgbYaP8sWyEYIpdsaOxIXMWHTvCbxUXZZycIFMfGjLlzSnJuYr_kMCqayTejIBzQvbVHwLnoZa3gMNsNgmpfPPAoTFeRTGu34544oHuX9BG3qPxjHXQpbISFO3_MMJi9V4ZkGj2fTatK-Rv9iDcUhl1Y3v9uaMr48TQPW0EGNSmTm1ID6uigM4pA9uH4eh5q38eIGYW_UL8t7cTCHEYs-3_yGuVeI11OeX2aw7oM8YuCm6-Gyz0X5H-WCnekXkKZ6tFXSt_hROB8UqolUoeRBkmFH23Yjn3es-sMBHjIVHrdK4hlaXj_Ivmag59PSueepJpMx1u6WeawhPFk0RtoJlHP8aKwRIaVlcoHi-raV73gHbdCPM0fFCGswSYF05S6AhLMAy3CTUBlT01RlC6VlJN9RpfaBMx0XdzGnyzkWQlCKP_leEd1kIfTO599ekGekZopNc5LS1YnqI04_k-OENGd6fovUSGxju453m819ameEhpyh7zIx1M8xMfYHFnA7CGqcf5q9WzFF-Coxpv0cfKRUQcldCayC2LI2S3e9Zm_Z7_YRZNSOvxvfo2iPbyJsL_Gv9kxze3vhvXaAjAYD9PX9WiXtn4LJQJs8MeyLzO2iz-8P_hLJZdsXp0dkrs4T3i-_sSSpnGpy7nYT7sJ-86fKA3gbJxK0ZWQhVLv6Wlr5GXw9E3Qat-GZEmCl-9XOKzLdopZglXmacBixYYfki5RC9CJuwRQ0wpZy6ihzKsP6LDhQtNlKg9GvTGIC6cEFYo7GWwmdcMn31GmD8QunmFwkGR2PYoyZVTs3wzwdmsi89Cck2pQxzL1_Ku3Mz4HKOLLe_xHkMjQJTeai3f3QwYG9mAoRAKpWttzTdDyGRxZzp-dIA1elBd2GcHG3R-GwAHYbyIHrjNVpqTgKH-Dm2Hn43paDO9fYENOtfGM43iNzo62ixLf5xhMjCcUocZ7T06I-lEl5gtGCM6jw2wlKJKT6pNc1zcYVRNGSlzAXGSPbYtx3IFsFVxh-FUAgNdiIiiRcUl-IJi7VLsZOYY0lRjq8fIpJAzfrJZQ8iGOwGl9vUXvbToq2clb8uPxbQCSqg5HL35VQ1JE6jckG48EsKN_LR_w9nM2lZ6TE3pHBMmJekxoym_raMoqsGA0hurF24cFf4CZBQKnTQNooR4F-F5LVTbnehTOIjvkSpTCF5gB417bULKSQ8h6E8I25O-KGGtCay8Bx5EhpbLoh2RfmXzC_TSspv2XDgUEzMThkb_sHe1ZFME997t6enS_5CRttMzZwpH0oZa8URl4xpngasPBCJyhfiYlcMe_9YnBFGHnqsJtrThGO6uxUYY8D16G8gVaalaET7oeCCMsYDul3B2aSafv_V0yo-ojgqpANfhFvImNP_Jhvzv9I5ue8STz-DOtMtEeAAHINJCoZdalayABRA92J-2JpgAUnD8fuifPUypOnB_fAiVot5vduha3jEaZ56Re9Ew6NR7bgHT2bYpnrNsWtjlJNkCjki2mPfzpgCe3414SbQKhp2NgTgvY8y0norTEpxTgoHaTtnVIwq-oQqlqfANGIXMTRdo5-b5FzoBdh4ZZrYwfzRNE6o3Gtf0IFG6pE4oM27clfptdxQxXff25xjFBtu_xKBkIq_37cvIaHs1YJUrpETQzEQGlX71d5OBVOxCmXJSicVVwyjRa0iH12EsQX3ySzLP913ZLjlU4bLzigiPpo9XZAMXz3pjdlLCnezf5NOAgOlhj4g5GzNx3zV2iNreOcj3j64awUpzbJ-EVd9ZiNShS7J5iOjrOL7NuQgGCEiPI2Ben6NIeyh2cvHlY3N7d0GLLKRfEWvYeHWGo3pSr-VF2GjbM9VyI1B-7s_k-8Z7Y5Yv2hz1TNTqIKbR4y7k-sNN8ODIcmzvjZFkpuhsACLg1yLPooLvAPooy28nNMRVBlmCMDyZ6qVvP8C3xJVU_JX_ljV7jVklk6nGKnKcZ3FPJgsC6721Bv7NS4ZaDhT0KvAexHDVDZTGj0QlIYmTudyVr1AmGeNoC_ZIaOl3YTz1m1OEXJhFj5i53-UzZqYNFRoc2WmhhZxK_Wk__qcfvmk4TPNY1KOlEx0CuGTErtoGt0W4Wfw_syUTIV0hWqhQpROknSOtbrFEN4HN22dWzXzOwYXWDNiT9ACXRkeT7TYJNBro8RPn8KSZe8-jiM32BWRdI2WVFFtUY0uq3ZzsWZZm24Ex6_YaFat73HDEeoKRMc3Xc7OwDI1vl2Xfky6228ZodDxoAaC5ieKAXf_rCm9nQfmkKjMZfT2OZY6dbFZAHZEITOw7Bvt9_oT5wlOjNPRL9sXsnJbe-8bhJKZNpEQ6Tk65Uy84ADifmaPUH6qzgoA2d1OIDho_4b1WfAzGia3LTNIDdGT4o_6Q-1Uf7SWb1Gpbm0w7_yAK8F9cdxnk5aFLSkoVaGHZhkRTO73S_K4MzqSy477lfgrUeWicN6100iKyClhY5XVB1xfUNpW1T-lH3Dexmyp4Mga44KRjUWjvhHlUdY4KMQWa89igZ_74L2c4tGgMfePp1FwzGDQB5T3OFinxnd7rZZS8nEkpcYNoHVLG8NbrpT5OQhIuY4rVO&cid=CAQSPADq26N9q_MG4HbXAKHa33U84Vy569wJQ_AyPVB7joS1PlDZ0qEYqruK4ruAhJ52ves3sYgeghxyO-4IghgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 21:33:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 21:33:36 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 7764 30 KB
11 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 21:33:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 21:33:36 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 380C 0
104 B 118ms
25ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEF3hACJpjpr-ew6kc0KlHDY&google_cver=1&google_push=AavPq0OgFQYZ9KcL1nVB0mhqCLwCfwQ3rKR0q4_hyU0TGrqNMrcytuEVEV2CAp6seOXwhqGv8wBTi6yCWYOdaSnndomf-yQo0lVu_zc1EUWOEYCaZ9l8PEoeA7hMa_4cYuYmDe-DXvz9SWA
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 380C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAJrXva75wy8swWaM0wPe4Q&google_cver=1&google_push=AavPq0MX-TFK2i6yyFWWCkAPsH1HBV_wLyMpHIOmXbfIxT7oONh9WsG41pRUMWXmxqEOFGuEio4wTwYWWnY71zMV...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0MX-TFK2i6yyFWWCkAPsH1HBV_wLyMpHIOmXbfIxT7oONh9WsG41pRUMWXmxqEOFGuEio4wTwYWWnY71zMVIB6YUdgUHTyFZL_Zo3XF1aN8FcX4-O...

170 B
188 B

42ms
42ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0MX-TFK2i6yyFWWCkAPsH1HBV_wLyMpHIOmXbfIxT7oONh9WsG41pRUMWXmxqEOFGuEio4wTwYWWnY71zMVIB6YUdgUHTyFZL_Zo3XF1aN8FcX4-OaBnmIrI_i5RrU6gCuXfrG-0w

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 31 Dec 2022 09:21:30 GMT
Server: MT3 277 3f0ad7a master zrh-pixel-x7 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0MX-TFK2i6yyFWWCkAPsH1HBV_wLyMpHIOmXbfIxT7oONh9WsG41pRUMWXmxqEOFGuEio4wTwYWWnY71zMVIB6YUdgUHTyFZL_Zo3XF1aN8FcX4-OaBnmIrI_i5RrU6gCuXfrG-0w
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 31 Dec 2022 09:21:29 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 380C 0
120 B 25ms
21ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDQdr7qsTD0x9zRCodOrAHU&google_cver=1&google_push=AavPq0MPhpv1GHRGvKmJP8jvwRBt9JyCP1YImp4kGyU77sP6xi3yCJ67C1AImmxVNziqBW4EzMyCgO67ZHlYwFad0qhGIRhZFehwI2pzsVfV6DHSeOh6yNEkFRFOBEZ5Qnlxn0-aiKzGyOU
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 dds
rtb.openx.net/sync/ Frame 380C 43 B
351 B 70ms
16ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEBctPptXwX1qxmiCI1LE9Fw&google_cver=1&google_push=AavPq0NrN4MGeW7DpGMHno57dF_uszdaYxZro8YmcCjaL5ox6ASUc6DmpYPf8-YoVPRTKqEurE-OItK64-IXBf8AuOEcHoe0mlTwE1V-8xEdwdgYF1BqnQFpEof_HZ-IplMPxbXPPuArxEI
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:29 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: qoiiq6ru807udph5od5bign465mufrgn

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 380C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIeGQOWlSw6Z9_zuy7aRm9M&google_cver=1&google_push=AavPq0Ny4UMKISlSA91qj_TvZuJjnlk3b-Ml_audIsSYDNXzKXVlQJaScCQFrnkDHaExZA2_zDl...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENCUUlDWEQtMVgtNkNWNA==&google_push=AavPq0Ny4UMKISlSA91qj_TvZuJjnlk3b-Ml_audIsSYDNXzKXVlQJaScCQFrnkDHaExZA2_zDlt7xULS-FlWNBiouz8HBS_yrqHw...

170 B
188 B

43ms
43ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENCUUlDWEQtMVgtNkNWNA==&google_push=AavPq0Ny4UMKISlSA91qj_TvZuJjnlk3b-Ml_audIsSYDNXzKXVlQJaScCQFrnkDHaExZA2_zDlt7xULS-FlWNBiouz8HBS_yrqHwmLt4Hmg-UBMB-xAt8PtFtIyvfoANUDFou56QJzUUYI

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENCUUlDWEQtMVgtNkNWNA==&google_push=AavPq0Ny4UMKISlSA91qj_TvZuJjnlk3b-Ml_audIsSYDNXzKXVlQJaScCQFrnkDHaExZA2_zDlt7xULS-FlWNBiouz8HBS_yrqHwmLt4Hmg-UBMB-xAt8PtFtIyvfoANUDFou56QJzUUYI
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 380C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHYjSO45xBN5RAw0A6CvVqA&google_cver=1&google_push=AavPq0O4xOJ6XJcuHxvLXj4XCREApTMmZouQEh6tifRdtoJUlOQkGzTNmhtP-oEgCqtRiZE6yO...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HcmZHZ0JwRTJ1Ry50X3JXZ09taEl2Sld6bGRvUkJuX35B&google_push=AavPq0O4xOJ6XJcuHxvLXj4XCREApTMmZouQEh6tifRdtoJUlOQkGzTNm...

170 B
188 B

43ms
43ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HcmZHZ0JwRTJ1Ry50X3JXZ09taEl2Sld6bGRvUkJuX35B&google_push=AavPq0O4xOJ6XJcuHxvLXj4XCREApTMmZouQEh6tifRdtoJUlOQkGzTNmhtP-oEgCqtRiZE6yOW1kHbBnnYloDjtgHASI03XLTLyLY__aKKfoB-H53H8hLgz_KcEClqAeQd9qtnXR7CsS5Bd

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1HcmZHZ0JwRTJ1Ry50X3JXZ09taEl2Sld6bGRvUkJuX35B&google_push=AavPq0O4xOJ6XJcuHxvLXj4XCREApTMmZouQEh6tifRdtoJUlOQkGzTNmhtP-oEgCqtRiZE6yOW1kHbBnnYloDjtgHASI03XLTLyLY__aKKfoB-H53H8hLgz_KcEClqAeQd9qtnXR7CsS5Bd
date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 380C
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0MBV2H5Q5dS5...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0MBV2H5Q5dS5lq427iQVpkRriqF4J...

170 B
188 B

45ms
45ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0MBV2H5Q5dS5lq427iQVpkRriqF4JO6ZRdQ5stfRtTY7f-ho9P-6PM3apjyjCR4IxtiKlA1rXPMupT9PBFaK5JVRzbqi1mrZcid2_lzFVX00tWjd9USTow1-Lky5mxymgD9DtWMZ2l2

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 31 Dec 2022 09:21:29 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a3286d34-4c79-463b-83da-00adc5d0c630
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0MBV2H5Q5dS5lq427iQVpkRriqF4JO6ZRdQ5stfRtTY7f-ho9P-6PM3apjyjCR4IxtiKlA1rXPMupT9PBFaK5JVRzbqi1mrZcid2_lzFVX00tWjd9USTow1-Lky5mxymgD9DtWMZ2l2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 380C 0
12 B 76ms
75ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KdpYq7wu0t_Fm8hVP0RfvGnsT0XKs5hSH2TVsDs1EpC6TZLcksz7i1a9flePWW_6nNWilI6qc

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame 2F1A 242 KB
72 KB 166ms
31ms Script
application/javascript 54.217.61.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.61.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-61-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 02c2a5f7282e140905ccf2ef9f7792967bdf9513de5ca3d6d02c8b413171ab65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2F1A 106 KB
37 KB 25ms
25ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Origin: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 21:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42473
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 21:33:36 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 2F1A 8 KB
3 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CflAbL0qCJSFIhhFyX1_Gl6dJ9wCKnUgdAC1YbhZW8aTzwcNtUyR8MdVTeHt-M6_dtXOaLzWHcTQkCGY_kYP4DWosY310hAUJCOCgFDFoR-qRvVy8XsFFuNGOYdJekcnLdkUfP_dvunsNY_7QM-zPgstwEEBDHykQRF0AFcA4ekuvjFxM&dbm_d=AKAmf-BhElzGXOWGjElvpAt4qF92E_XupBrFXbG5In-Zaa3hUqbTKWS-GGSzMr9k_N7oFHYNtENTNhV1ooiT27yg1oQhAUst2WjVJ1WJO0zQjHV2Z5UhSslyEgHZa5evRKJrta-bx1T5uUd0heVb2RkSMUldX1HhvNT3YBURMWjONvrBLQVu_LOVLc18u8gbij2o4ZXxqGhz_jFXS7SX31Ump8se2i-ijWgp-nD1scBlmaK0hE1vrnm9EyMEKYYnPzxC1a5vi2lEF_W-SlS-_fm9iw0FDJD1llsInkeaq0bEKZ94Dshu4CNAODs7qRa1XwC93tND156VrT9PGuLs7uSfTUhB6PPZKIVkOUHI9NVsAKGg3KBE0AGyVkyyNu5XHGIYNT2d8gkXPMlk75SS9hDy3BrAEjm0KxCGibtXW97Z9UC3s_Wi4JKQPbulCIwv1nZfC-GPq2qLHRDXoi6xMDqe3QgqcFWwUCzxHPKUzOyFaplPeLJRa_cWHZsiMajkxiJTv_91HBx4ZLBDSaSAstbgolmKuvJvHf5fbHn_rKvwTwRtujivI-kMhaU79O_rmDqwqDgfZ5w_DYDvS_4ZqSsxFgLa2GKt9I4R5an_XDqutVheiiqNiXJV4bwpaQSGp6pB9B5n4qndDWVLHAWC1M6xNZ6MWNgiVrdno2n7ZDvL5stN8WwfT8VWkz7RCCNA15VnwJgACj44pJquOVMLxT9blMhOwbRiUz2Fhqawql-TJPHDhHFgUPX_IkWwLgGnSq2I-1_bmT92HdUO0XsrPvYbmms1DUY46CA6VaBWM05GVuID5W-oddhn6r749HFVXa282uK1ZuDLK67VVAPDTqZrIGxBaoT1tnytJe7t-Xh0XH74qnK_fsGn9U9jglLKwfQnT_MvmwlNsiAM_x3JkZZ4-j3N5QuSFnz66ePIhzq1aHbSMOyPXylmU6PcsIxqHZlKlfS-HT51Bjqk1THbDOzsiQJe_c5dNw73qzLVFp-c8xsgkmnx8jq83kMzbo6xSuSyvRyoF9_7BiH0iswAOD-NTvyB__V1CB9IgwYiCj9kIwRWPftams06pBsUD7ALuuLQI82AssXXgvhWatCnkoiu4bj2By0rNwMUAYCSLmdAPj-ZUxdmRqAiZJOnm2fz6OcFWZkHHzB2SKC6Bokz3ulM_V9X5HXIk1K59ICn8dxzyCcTDh5XAM-XBqtGJS44giZHEQvNZqqSBQYNrfX1M7ofdGY7BsCt11rdTkFT5DM37Upccp73qjfAXJwc8pGE3PM92EH-pzs7ADRf02bWP4rJ-Kr_IRiQ6CsZKtciqwM1i4luY952wbSIuJIxyVAfBUeOYX2UvFYm-uuO-UNVCe_dnNGRGhGVyQQfuf_A-4eSs_9nSR0_7BGd1zLsaDn0MLtyor8afuRTFqW3pvTFbMWJ-VjbNJu8_XGbSdoIQ4LJ9-gW7KDQvMJ6tl0Z8GIb5h-YH_fU16YxZSljxtIwvGL6DkESWrUqRwPjn6mw2nnZr8PWodU4hs7O9Mcc74IyWbE4dQDVK7nRBXT9btQ48YDW9sSNQydeHO8mJa62PKZEBt6FuGzn-ZQmZYiEJ61l5SADfsxCp5Ai2cHXsqlyaHl7mux3P7uufv03NWan3E2NGurV13h-Kzo2dieGUMKrSlqbyZclMB-wT6L1r4ov2wAKvmOk6L2HSZO-NB0ipvra1fHNEE48wEtYk1jWzNrr_3o4XMaG-q5YPhRFVaSjmu5QaN8gqa_Ix7Zk0rn5i5xvsBv0RNNvFzyFCcTBBQy5ET9napNjA8kDjWuBJMgrwLgoAwC1HerGSB-CvRg5aImNcIuLhqE_KsuLo7vnEF78Q_DbF84rz_kNl7QDu4pvNsN78fP9HxoNSeOhsw2ciKctfzY_6b5DHAuEjKiyv3kj1TcbsusOOKDXG7KQ16vg7lN_WsrkNuOIt7gVty3uA-YANG2bqFPRXT4MAmFuqiEwnh7hEwdJEN1f0rfOJfC9JE3jOQTOJtNaGVS_o1Tdf7Ressad4Aqbmm_ltOE4Hl5gaA2_DOkBAi3fAG5DBrwY_Ai_YFqxyl3AEzvYrb3nshIKhElDOZaSeleiVcZBLDZBzduBDy8sM-MToOouLGA3u-BUKY2KbLF5jhz5-lbNAIZhdYMJcL1TIRCyLG44qKuLaV1msT7C7nT-IRsApuH_ibupzHkLnckK0UphKUxmnFPOCaoj94eTCf_vcnbyZdBZqjlBGLETrXSoQbOY5EWZV5kHdYsy5mNNlacg2Yv0VAjoYlQ-lndmSLkfPcIJKOREWLGj7EZSOs0Ga68qw7Ct5MyavzEZ79Rjd6zWxo9VEE124j0f7NLlcrXoKUpwaMaj3r2vvMLTOYxTvNtbiPVBCY-3hZK74TSEJy89bBJdpir8JCd7f0kgxrotKxuR7djukq40xvf6oqirtZNwgksUsdjLKxUDmdGy2W7UXmjaBUfH4VNVpe_j1L2i4ezUaftS4eMx8hbhuJ-dSvinSzcS6fsliE_OvpT7jbZb92S5mIIpwq8_Bw2p49qjkZw6PyEOkNDJcyBfoVJyPbEGVvAlfyHqC_VXX0EPpsbGgU2_y-tlMp9jVWjcauMfcdDYzQTQ65hjvjzIWXitOTO-G6taGRZBp31P3TfcNl2cEnNgQrcaYNFreW6TK5GtYuSjWTXw-zxQAzSITuRKbLkLpP1Yly08rhFcsa3oWWNAXCo0uVsUy5ucCrB7cErjM_mWrDBFPS5n_r_1-Kbr_Dp9NybRiaJyNmxRjSDg0-p-f9_pIKOsgLC_E3HXCXW9shsNAmGqudPMzQXP1UWvSnF7g2q6GA4gcF6B8n8IG2mgWFq93quUTajR4OC77rIUbtzfK9EMfIJUm6oeeeXD_bAlBmh-OyuoqUvHkInAMySuA8dUonpjBXgvqnwhkk2m4A6w9SmSh8dLhKN1-pc77Xc8TKMToI4TTGj-JVI1RbyJSXdc9hi-LacqOIuqN3kHeZHxGwqXujoVgKXHzHvr2gnJDdwsWNICS96VHEZS-jwt4wtvMf9k2d_r7K-OWmNphezh_N-xATC_ljBr2kqT6RyPEbbAD2XZ7kETLf5jneX3-V_5j-zIDa3J1bgzdsZy-kiwstMnjk5N4QtJWIbESbrmj_8NXCi5QvXTCrV58sdsyH9hOCkYH7fYJ37NjDJpMerQ6mdWrIlIqRZ9kMIRmpMxC-QYcXEGHgN1hs2eGsXQQtLmm_V6gdNuWX6I7q1_FEBsatkA1ni4BK0JP5dPB5Cn-nMNLwuFAvR4eWoA93LefgeGMIRRfxDM3AVmKxV_luD0RwVPJc9tyBxiyqDWqmkpHHo85upmsaks6a-jiJ2HuNoo__-Qpf5jmFzE99YKDZBKMBTLYEQLKthjBs-dWxzHpu_KVlgEbx6V5-DgjSLiQNH6ESN1o45P5sBEmO4&cid=CAQSPADq26N9q_MG4HbXAKHa33U84Vy569wJQ_AyPVB7joS1PlDZ0qEYqruK4ruAhJ52ves3sYgeghxyO-4IghgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 21:33:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 21:33:36 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 2F1A 30 KB
11 KB 28ms
28ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 21:33:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 21:33:36 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E1B4 34 KB
13 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 31 Dec 2022 09:40:58 GMT

GET
DATA 200
OK truncated
/ Frame 71B6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10a6399511ac0d2e2848f31570b7479e0ffeb0f72dccd029c5f63039e7b9001f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame EF39 12 KB
5 KB 47ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 822738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FaZ5Fo5koS7TEEZzEQabjtC3viBE6ZqFznisKriUr9UYMMNaTAAG6nEYDAamZRXKnibzkywiRYmTem9mgaMkuZBeM4vPVTOVOJiZr3k1xmR8TJpNY3l%2BU7p8mnyxt0Vcn2hX4b7gd1Aa67bObiaYIGm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7821f202df3f906c-FRA
expires: Thu, 21 Dec 2023 09:21:30 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame EF39 12 KB
6 KB 17ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Dec 2023 09:21:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EF39 5 KB
6 KB 18ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F5%2F100136191715000_0_1653524557497.jpg&v=3&w=400&s=n7oT6hcv0I2ndHqX1LZqfeG_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

146fd5371c16ec55c85e9053c6a0c38acc5effe5ee9cae931f12e256d9441cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=7251524
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5576
expires: Sat, 25 Mar 2023 07:40:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EF39 19 KB
20 KB 21ms
21ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=116&m=0&partner=8721&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F151110%2Fb36c36e292dd46478a893899a4e21a5f_breuninger_de_all.png&v=3&w=596&s=9hCu24Jp9VafUxXM_ppqGggd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

9d3b426eab31bb93387e03383277a793a0347d1ff89a3a558479f674dc811e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30737054
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19739
expires: Fri, 22 Dec 2023 03:25:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame EF39 5 KB
6 KB 19ms
18ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F435x596%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F22%2F7%2F100136516015000_0_1657173993859.jpg&v=3&w=400&s=1wyra4zn7kPxc9nPWoFks3mr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

57ab4b76932117e38ee9752f2cba7837abbfb61317449e33d5924f9aaf79079b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=6309005
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5378
expires: Tue, 14 Mar 2023 09:51:35 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame EF39 0
127 B 21ms
21ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=AaXa81tLgdakW4f998arX7Mq6im5GTT-PciMA-t2bhIJAxPjH7M6NhDwNfSt8QrRFxQG-7gCxN_b5e3LhbSV5NJqUMghswPstSNlSFd11SV2TIuiBOU8nKY8CVDhltPXt3RcehF4-7JPV2kCizf88YFkm0trAJFwRKJAHdbCQmY5XLY4MgRYc6IeUFYylMouzfd2QW7oRg66UZT-vipn-9zXHgOzvqFU8s4p6IDQzVwHPDrLnZH586k3SZ_pnugzKLWukg&sds=2&rev=84145&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 31 Dec 2022 09:21:29 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame EF39 2 KB
1 KB 21ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Dec 2023 09:21:30 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame EF39 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Dec 2023 09:21:30 GMT

GET
H3 200 photo.jpg
s0.2mdn.net/sadbundle/4278290951424718962/images/ Frame 83C1 19 KB
19 KB 23ms
21ms Image
image/jpeg 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4278290951424718962/images/photo.jpg

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bf92d2e1a509c1c00ad3d0482e7d4fddb1cfab8376428fccf4dbf86f4e0ae3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4278290951424718962/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 23:38:07 GMT
x-content-type-options: nosniff
age: 467003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19345
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 12:57:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Dec 2023 23:38:07 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F74A 0
0 99ms
57ms Fetch
image/gif 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss2YcxpDW75yo-oPlfhgEOD9FMh-2Si8p83lmpHH0qeDBpHcbZwd6sFTtAargb8UuLGe_LdoKXTH0kaFf9IVucOGAyjUiL44BF2UlTsLmvmHXLppE9YVAs35MGwjL4qXdlKGe9PuZ4bp9AgYJWqOXx1X4lKaScVpFTS9q0ys6NZ-UGdzdb9Mv6BIU-e6gwKSZbDOfigq2OFwdVZv_Cabr3m_72nFjQXGU42c9OLu5G-OoyjweRglEyKKYA-5VPh-JHszfrRjFc_B0Hp5qEY9qGwtoqyCZHGnezN99TlTQ2QgY739-kYKhWmdDaIqXV0Owmubsy9ykvc1aio_1gmzNV6gAKF58X1KPJIDUAFz3fXm22aKyine1OetEDqrN_aojjnXuCw31Xp2QmmT6eSCLW77B8rZ-yoI9ItnZhbsug5bObZYqPyC2tg84Kw6mWmP-RaPaUK-JDzgP72LFYjYpURWsbpISteXw_sOEX6SVbMopse0HV7OSmPQ87q5cvHC0SN03nsd7rNcPesXav-Su3_Wsm7lmtlOLjXOeBGWKsmCeuAJymc04xiP7IQi_k5lqqSojT0by9XeeIgfkMx_H1qfCoUoYliqThCO_9XAlm1yXPdRfszK0qRQWOqMOo_7sBlKIdgA96F4gfan47qe36OCjOeyKnHPdPJqnZefTiPk0XfDApIEYG6sGKXl_1TJ1JSQzjBLB-A7B_k6AkVZJR3jz7tVUxkMnQQAxPqpERR6QEWCjipFMhr0JA7d2mNhsfIUMb69trJaHX9HbvG1UJmhoYiLtJqfgXugwkforSDKzL1Pie0RcLY_uRUydRIWtyAgFWEcVi-LHS_hfU5RhoOhuto_jDWnX-MhccA9xwaXwLpWCb7mdTzvSu4_igRy6WGVilo3zjb6H5W0gtM9UM9vYr1mOpdBJCDThqgYPF1_JTqdr1PqQOeFcGgeNQV8CEflVwDzPUepjuc0mlSKcuzBBRqD5MhOguP7nAFjPvvnEE-LtMiWdEsOTziInpsi2l48CU-AUMM_Tl21I7qT6-DvQC_3j6MuYHofN602md-6vuHjIkPObYd6QB7MAlxMXaFyqF3OSf6Pb4UT44jx8bu2mZZzz4f2zoE1QXPofNw0_-jkG1K1gD8aKoeAF6_nWVUqmLXfMEh_IfMGpJ2zMQwpARyVj1CaGva2_vC0v93JuYJBjbMhwCtPxSGB0KTxCLd0fQCqniEoRWR&sai=AMfl-YRVLFqb7MwlfxSeR8oMY_dcd53h-og_XYyrJlqiNkXvwaE0dXNh-VkJc5oGe6_Cxmm9LAs9xgiIxvzBvbdCEUwQwggzppbVA0Sm1B2NBByyLf2mh_3JmpDGBjLHMj-afQq3aQd0plK8nUXkctGhtu9Kfkbl70Doi9FSLwIxA--rWNc2OVZf_vKcak9Da6JyOf22ncovyFsDupgQt9w8r8oUuy5DZ9rNEGj2YCE42BpRjDR6GybX_LjndIMggjXDtPn8xeyWedxVDg&sig=Cg0ArKJSzDZdAr6JyRH2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=806&vt=11&dtpt=513&dett=3&cstd=288&cisv=r20221207.49466&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 31 Dec 2022 09:21:30 GMT

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 83EF 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 20:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 20:49:24 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 72F7 0
361 B 27ms
26ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7821f2031aa2927d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 09:21:30 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

200

63efe3b826707541f628dadb689854fb Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame E4D4
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/63efe3b826707541f628dadb689854fb?gdpr_consent=&gdpr=0

0
399 B

31ms
31ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/63efe3b826707541f628dadb689854fb?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7821f2045cb8927d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 09:21:30 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Sat, 31 Dec 2022 09:21:30 GMT
Expires: Sat, 31 Dec 2022 09:21:30 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/63efe3b826707541f628dadb689854fb?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1672478490204055-553

POST
H2 200 events Show response
khn.crowdad.io/ 0
104 B 33ms
33ms XHR
text/plain 54.220.80.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/events
Requested by: Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.80.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-80-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Sat, 31 Dec 2022 09:21:30 GMT
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 events
khn.crowdad.io/ Frame 0
0 31ms
30ms Preflight 54.220.80.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.80.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-80-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.walla.co.il
content-length: 0
date: Sat, 31 Dec 2022 09:21:30 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FF6F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

19ms
17ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:30 GMT
expires: Sat, 31 Dec 2022 09:21:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 l
www.google.com/ads/measurement/ Frame 48C0 0
0 48ms
47ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQa3KFU_os0nxPZ6HVYmCM9lgDp25GoXWqX2Xot0GFEjQLXnRU_7gaqtPTS9pnUGVsRfinoFFvUtlhAm6rnkft6sIlZJg
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 48C0 153 KB
47 KB 58ms
58ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 31 Dec 2022 09:21:30 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 743A 42 B
64 B 54ms
53ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 48C0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50180594c35d319cc9d399615b316298b5d92327a234316868695b937ab791f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame EF39 4 KB
1 KB 107ms
45ms Stylesheet
text/css 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 31 Dec 2022 09:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 31 Dec 2022 07:26:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 31 Dec 2022 09:21:30 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7764 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 14:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 14:16:55 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 90F7 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 01 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7764 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d615c958a69b1703593129541742e7312178dc53dc9425e1f232f4145edc46d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8545329873006492075/ Frame FAA7 142 KB
22 KB 20ms
20ms Document
text/html 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 238012
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22810
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 15:14:38 GMT
expires: Thu, 28 Dec 2023 15:14:38 GMT
last-modified: Wed, 09 Feb 2022 10:36:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7764 0
0 62ms
61ms Fetch
image/gif 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9XUxJjrihcn1-eIFGPnFDWijq178atcWiViN9swhQFduiqTYsmVtsYR3QelQBH90ILNw8wVVuWIR4vd1ANGZl2041-3UhjcMRyj7AmAOv84dx0CjwnEu5-JzWUMtHoD77_NILkDIfGnksF5TFx-RvFWCy3_m5J5wrzexaX_onYDnwvoBxvIm68qFsLCcACFfOpUO21rdcF6zNuauYIKZjoVOEB_SdcVJkIpLeGAjtpjo1RNDGHlr0dZ9pkVijPqfLar2h5t176qDQNL0EW0bcedGuLjwYmMZEmXcLU2BF7duqATbyd8zzrcjQMY_41WVbT6cjc_mjE0Y05sgb2mF0oENexMdQpls_0okp9uist9WUZzWA6cBrnuXI_In3gtP6rj_JMFtAAIfMhYC_GiXhkDcOVEJfugMjTHgxI8eL3SlsyZjgr9qxhavo9LaSK-CEhbkzl1DPqVntkUcADg7HIRjuWeMqoOSFozk6eX4pPqqtQTdTPcAZNj9YIWe-YjXF7Opizrw422SUxwfZNQCQgJvCEDWUnIgHVGpxd9oLJ4DV7SW1JZ0T8lJWqI2CgQTNMugeft3CwXP4FPHYtcZ44iYbn3vlsjF7bCYzak65P8bJ-IWqry-ywZXRGEz5tgy-Ovr1-7saxlyGOyZfEod8jds3kXoalRm5GAgOPxLOUYpyaGHWkDRcTBaKEKIyNhXJIRFcYEdn7UQEUIgczhXkkfpxcGoSzIevThfHc9Bv27ynUS8wpIFGdjVuPsQG-t01746xY5gUftgcem9zyasw6vMrdBgrwj54iCrVdu5PZR9VJH68wPfMpQYRRdWCujarrZ19TjNNQOmocqedWGksYS7tNZhPaYUDYgy7dcrTVa6T-fGntaYTT5kDSSKCoH93L6wzTAk_B--FYyfvpQMAAbwWvNT53_rS-udyEQI4tRPjzkBGi1_lWYwn2t6ssUSghlGmZ_Hga-fe8IcvtlJpK4y7wcz4Yc6YCuXMsdjhQpJMXC7e5evY1SqZqCWi7s3TLqj2FdB2SiEHgTQC2Q7l_twN8h29nF-N41DocjrnhvlBEzIYKvMVCoNaMkAICKQSm5-JOzDjS5NPUyOUWKQD_KP-_4sy1HBsrBNPguba3fFwGmzTVggdQvKIfi9t2KV6qkukSCRKvobzK3UzEUA0AjrA4i4lNeDD21gRvyU5BqiB_xB1xL21P6ZI19JyY0lC3_HY-HYl-Ymv9P8hxIvqUuEk3G_feqS32eezAShy2oGAz2kwd3Zktykv0w&sai=AMfl-YR5Hovb-Ux_P5CdHZo94JyO5bp383Gx2nCjMejYGz0JwUmWvJCJwV6J3-lkGMqwSbhZJc9kOlx1FZpviWZJvIpeYc88Qqyy0QO7qTqFY7gPdA9qxFmER4FSiHXQaPAN2b7bPW2Zb31IgsNph5mg-GXh7oCRRzsG7g4cG-SJEo_SuGZGtguLQ6ZpDinJYkzR1CDr8M6Pc1l5ZFwn-1N4At4p7686qOADRB37EgvQdTXAGuxJFajA8W9KpA5geLsPHWkS-ZHiZqpc1Q&sig=Cg0ArKJSzBLj-Ln4-dFjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=267&cbvp=1&cstd=266&cisv=r20221207.13047&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 31 Dec 2022 09:21:30 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2F1A 41 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 14:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 14:16:55 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C122 1 KB
643 B 20ms
20ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 07:28:03 GMT
etag: 48472445140208031
expires: Sun, 01 Jan 2023 07:28:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2F1A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10f55659f38c04e7aa7f5bec2bc9d48ee095cffd16ad98df3be933eaeab93ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 743A 41 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 10:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 602353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 10:02:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 743A 0
20 B 54ms
54ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 743A 0
27 B 119ms
74ms Image
image/gif 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssiyxp1g00DWYImEysfsGizwh5UvOIzyHZHwALwdR20OJ25sreI4ZOmYTx0PGW_yJmG0xMveqegGSk_pJcTW0DRARjtDnXmRGxsBavzuV-hhGVmyVrul5W3AWip2uBINo7t-Y10Pom2EkuwnJqj4MvUN9u0vwq7Uw4yiUS5SUU-Ar_1qbB4KYzPv0fpRM_9ZvBkiED-hW019kEs9AIUQpxO2EhVhUejDvh3iJL8EK8rPYihLIuFvqabxvE7qL0_FVQCTeKssc-3Be1qygOIB-KJiU7W4jUbXWMlPb-aEpduayj0fv7tgUA5rMUtL11fXZ-8o4Q6i7Hgya5D54_hMeRgPo6CGA1Qr3CHzIfW0WY6jjDPKkjOOOE3ZHXp9buKhPtWRjwmg5VnJLn9e9yDoD-sJ0zZpF1TXU3PoTvXFTSCmDdPwjG17QlNU_HRLWi9tcVqDQlqH0NbYDi2fs2dEmYgVyNB14ir_f14kxJdIq_FqdndmDXJDMfJHpak7IKMbnH1iyXyGa6m6tl1qMPUAAVS0s00Ai1UPJybc_y7jJo8KH22jRdXsSx55Y2dtzayY3UKrWRvU9IgBZbjc2H4Ax6Sj-LuSDYCcZ_PZzKtwTnjhzmo4s2EHdT3gZZ1wlTdujfXzJk3GfoU4XE9ji2ZtnhhWgJd2N-lKcsO-rQO8uy-I0sV_MaO9pIjhBhgso5HtKofQPIht4kR6lnf04UWekrfhkGaP9Tyux43MjSNlD1MQv10igqwnK6XWu_lNIIe6-GcfOArLGcAvVsulztkPjnuW3-F23vn2JQDJGzU4u68A0XEg7Zq180giU5NTASOeGRZMK2Crg_rdUm6lyEfh6GdYmPcqQIjErl-YyVV02LuzfUpljHofZPmSFJz6rJ_-p8oYEvmuhVKj9xEwELEi3aj5KzPtSp-5w8zsNmoF9NbsYYbdME2YTZjEz13l3fNQJdN12Szbp_bN4_xy0zXsGN6bPrhoteIyaKppIdwwI5FoNUk5piLGb7jEncoCNYehJ1VgquOHox06BcZv1-GbPvJpemyOpARVdUT1OnlAx73jk_GW6z0jKrGC8ymRB1euN1e599DmeoJlplrtthd1wlbtsSGPZeFvAnyszJP4VzMJ6CZs8e-sx3Vy96uP7rm63WSBuDBJBohMwt0E8RGYd-DgOQcvc3lGSVOvTbIk0aOItA-PCsLRgTloDi3gncBvjQdfe-lwNBbMFFlFziQ3gWK3OI5&sai=AMfl-YS4JEqzY05ip3ODUTySRf_aWfa5UZssEldsyrVrS-fY9bsuY6Bm6wl3hfpmSWbBizmJYXAUr2_ifu7I-fMq1K5aqL-cS7rQNSfhogTJtLK0LRNKhBcpyIEh2fi7o40kUuCivc7rqH3zrR0dZQvM5tKwnEEdGcoIG0e_O4Smtm-snAeqaBuZ7VqgR06vYrSf7VxEPUG2zWRDDZu3Pr2ynuVUdu3wv5alBHDWacuT_AHQAZRSraHXhdVD4e_nxeaO15gPp6z300Q&sig=Cg0ArKJSzHYgpjDOdXHbEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.549.0&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 743A 0
0 51ms
49ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjQsonRASABMAE&v=APEucNUkl9Dj9GWDjbR-LqZRP90VDthfHKW-qYwk64aEVY8_0nNGFb25okDaS-pyijl9Tihwmf62uwup6BJaaItobLN4-c8-Xw
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 743A 42 B
64 B 52ms
50ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C4-EXGP-vY_7KNJPtx_APgLizkAWz5Jz1bb-p1aSbEP_1kOPXAhABIJmjzypglZKWgqgHoAHIx7XyAsgBBagDAZgEAKoE_wFP0FANrkEU4Or40xRj24B4JxevcdJWo3xqd3UP0fCa6R7kjYC435SFjKOwuA4N3F6cTrWaXrCYjhOG4dYGdQJD1cJA6fhqRVurUbmbR041xfcL02hcjQNIwzVEruaaNsS_ea3Tg2GxUBEOvAWEemknUqC18GGRg5uANf3ROaWUlsl3tWlZG7nEO2fJhVRbdAgg08i8kAQi6gqkBIJ_ag6yY8V7KEasOaQRe7v82gJCeyCLD9RKA-IFFenucdwMsAneCUNh3g1-dnz9kq7tGlDXmSRHrKaKm43FJUN2yGd4ij1UgvCYrPbdDdAHfya2WMGcM0WoAlYpz0TzesfPY4TABL7B08iNBOAEA5AGAaAGToAHoLjKjQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE6Ks2RHQEwDYEw2IFAfYFAHQFQH4FgGAFwE&sigh=ey6G70__oOE&label=vast_creativeview&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D2821,790,3151,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D926%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D604995902%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1672478488098%26ptlt%3D1672478490214%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1672478489414&sdkv=h.3.549.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0CFAVI1COAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duSNAFUABaEFI3bGtuZmxiWVpHX0hBWkoYAQ..

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMItNmB8sOj_AIVbTPTCh25GAm7EAAYACDT2fJTQhMI_rbk8cOj_AIVk_YRCB0A3AxS;met=1;acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D2821,790,3151,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame 743A 42 B
107 B 95ms
50ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItNmB8sOj_AIVbTPTCh25GAm7EAAYACDT2fJTQhMI_rbk8cOj_AIVk_YRCB0A3AxS;met=1;acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D2821,790,3151,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D926%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D604995902%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1672478488098%26ptlt%3D1672478490215%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1672478489414;ecn1=1;etm1=0;eid1=200101;

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 743A 42 B
64 B 58ms
56ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBOOmSHbTmUquo1LDs9Wx5knvWbdfs-Wy_lzIO4pfZIV7mrNMiQJz6WmqhvbPo0YihJOnUDozFTrGZF6erxj3cKawvcjr97tu_LhA6RrqXGjaY3PPVS1nWrQtqVjhE7A0w-s3u4A&sai=AMfl-YToy0yYE0Vru6m7tI1nlgmJwl-uh4KlGkbiAbgCMcC2lPl4cBRdk-QmXY3NT2KzCw5VoxLeRoAcpQRNwC6pQ9yYCPnzFh_s5fp5gT_vnEzy_t5tvZaPzclH5USA2Q&sig=Cg0ArKJSzLX6MY-9OvMzEAE&cid=CAQSOwDq26N9tH_u_2QAHD9Rs17yGxFJ64W8nHTP-cYUH4itCZNhdvLcP_V5Yt0W-OSdrefe837wzOGrhQFNGAEgEw&id=lidarv&acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D2821,790,3151,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D926%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D604995902%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1672478488098%26ptlt%3D1672478490215%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1672478489414&avm=1

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMItNmB8sOj_AIVbTPTCh25GAm7EAAYACDT2fJTQhMI_rbk8cOj_AIVk_YRCB0A3AxS;met=1;acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D2821,790,3151,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%2...
ade.googlesyndication.com/ddm/activity/ Frame 743A 42 B
107 B 94ms
50ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItNmB8sOj_AIVbTPTCh25GAm7EAAYACDT2fJTQhMI_rbk8cOj_AIVk_YRCB0A3AxS;met=1;acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D2821,790,3151,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D926%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D604995902%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1672478488098%26ptlt%3D1672478490216%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1672478489414;dc_rfl=1,https%253A%252F%252Fwww.walla.co.il%252F%240;ecn1=1;etm1=0;eid1=11;

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 743A 42 B
64 B 52ms
50ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C4-EXGP-vY_7KNJPtx_APgLizkAWz5Jz1bb-p1aSbEP_1kOPXAhABIJmjzypglZKWgqgHoAHIx7XyAsgBBagDAZgEAKoE_wFP0FANrkEU4Or40xRj24B4JxevcdJWo3xqd3UP0fCa6R7kjYC435SFjKOwuA4N3F6cTrWaXrCYjhOG4dYGdQJD1cJA6fhqRVurUbmbR041xfcL02hcjQNIwzVEruaaNsS_ea3Tg2GxUBEOvAWEemknUqC18GGRg5uANf3ROaWUlsl3tWlZG7nEO2fJhVRbdAgg08i8kAQi6gqkBIJ_ag6yY8V7KEasOaQRe7v82gJCeyCLD9RKA-IFFenucdwMsAneCUNh3g1-dnz9kq7tGlDXmSRHrKaKm43FJUN2yGd4ij1UgvCYrPbdDdAHfya2WMGcM0WoAlYpz0TzesfPY4TABL7B08iNBOAEA5AGAaAGToAHoLjKjQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE6Ks2RHQEwDYEw2IFAfYFAHQFQH4FgGAFwE&sigh=ey6G70__oOE&label=part2viewed&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D2821,790,3151,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D926%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D604995902%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1672478488098%26ptlt%3D1672478490216%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1672478489414&sdkv=h.3.549.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0CFAVI1COAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duSNAFUABaEFI3bGtuZmxiWVpHX0hBWkoYAQ..

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMItNmB8sOj_AIVbTPTCh25GAm7EAAYACDT2fJTQhMI_rbk8cOj_AIVk_YRCB0A3AxS;met=1;acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D2821,790,3151,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame 743A 42 B
494 B 93ms
49ms Image
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItNmB8sOj_AIVbTPTCh25GAm7EAAYACDT2fJTQhMI_rbk8cOj_AIVk_YRCB0A3AxS;met=1;acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D2821,790,3151,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D87%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D87%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D87%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D926%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D604995902%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1672478488098%26ptlt%3D1672478490219%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1672478489414;ecn1=1;etm1=0;eid1=16;

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 743A 42 B
64 B 52ms
51ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C4-EXGP-vY_7KNJPtx_APgLizkAWz5Jz1bb-p1aSbEP_1kOPXAhABIJmjzypglZKWgqgHoAHIx7XyAsgBBagDAZgEAKoE_wFP0FANrkEU4Or40xRj24B4JxevcdJWo3xqd3UP0fCa6R7kjYC435SFjKOwuA4N3F6cTrWaXrCYjhOG4dYGdQJD1cJA6fhqRVurUbmbR041xfcL02hcjQNIwzVEruaaNsS_ea3Tg2GxUBEOvAWEemknUqC18GGRg5uANf3ROaWUlsl3tWlZG7nEO2fJhVRbdAgg08i8kAQi6gqkBIJ_ag6yY8V7KEasOaQRe7v82gJCeyCLD9RKA-IFFenucdwMsAneCUNh3g1-dnz9kq7tGlDXmSRHrKaKm43FJUN2yGd4ij1UgvCYrPbdDdAHfya2WMGcM0WoAlYpz0TzesfPY4TABL7B08iNBOAEA5AGAaAGToAHoLjKjQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE6Ks2RHQEwDYEw2IFAfYFAHQFQH4FgGAFwE&sigh=ey6G70__oOE&label=admute&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D2821,790,3151,1377%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D87%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D87%26pst%3D-1%26dur%3D30016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D87%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D926%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D604995902%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26pnmm%3D1672478488098%26ptlt%3D1672478490219%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1672478489414&sdkv=h.3.549.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0CFAVI1COAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duSNAFUABaEFI3bGtuZmxiWVpHX0hBWkoYAQ..

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8545329873006492075/ Frame 75C3 142 KB
22 KB 21ms
20ms Document
text/html 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 238012
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22810
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 15:14:38 GMT
expires: Thu, 28 Dec 2023 15:14:38 GMT
last-modified: Wed, 09 Feb 2022 10:36:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2F1A 0
0 66ms
65ms Fetch
image/gif 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEe3E6nu7RSA6XeTCrrvkCT_YxM9ZCnaClvJ1cAmXcESiycUld-eof2LKMi_GVcg7tFHQ1CgR2Y-KCjG0ifT4FQjh_9qB2lGar38CokmCLt8tArKNMr8r1A87WHlxSDuUstue2ZcoqGP8vCBZKc2jepDPfU4apVf2ADMwo1w_r-E_6KendPlKvoxrKqb5Clt79EKYG_QRQfx2derZ2RH8bfKXH6GaFYhyG8s75W59kH1CSMHqKC4Unrz1gV4dZGhsPGJEUaMM8-c58iISdbf8lXcYk04g0YHoGvy10uAjDA3EtR7KJPBbkKHrTbv6tyP9VWpBLulivznnFUi-rGoa19LVrH26NEyO9nzHxCcNoANWfqGyecD_aSYnJWOpyEkW6VIJzempci2_MbAr3gNu8oz5kpgQ5pf73WsKj3RrTptit4Br2YrZ-ZI_RKFTMS5j13GTCWaijcgd9OJcYzSYZlLElzDz4Knp72qfo1Op6TgGofIw5CbxyQ_IYDI7-67D8hZgSw2lagYLnzauL1C4hHFpxXxrKenSuvkPqlkbASmZ94gww6oq2VRzyotcHWoX1LlxXTm-RWcvDRyrturdpx4GV0W5KVk-SqRxG13BoVMuA3impIu_vlOHZ1uEDUH547ImHlH-afHOO_SVDzVaJI6slrE0mvghAqRXsQIUBtq915MAJtTWfuhSlL4BkiO_wNil0Qxl1ZWFDeJegkIGfRjaouMH7cLBNFGBhk0KNdcpp1m8gi7jW0jqVAhkASWsxEuOGS4TYYzE3ZZgSJT_wHtf-mpo22BdEDh92QRtjIz_QRGVRI_lJ5ZESz0Snn_X5PcHafdfqvXbhGC1LCa1EihSQRYn7tM2Ste8x2jiodDTd4ezGpmraGs9og6edoSkukUC5-PR5lR809ZpWtsfPy-ZOKaq2aCjn6lc59DrYxNogoZJnZ0U8h58uglZuicAUu8D_RIRUmzk2Iw54MuZheGjoR7VSdaQ2G_Uo5KI5_E_v99kjMEA86WkaFiqSaMGQIMCQQ0MLzGfrQvExMy1q5Zso31VUqRiPmlK5oehT5fBB5ncDZpL0RPtjSc8bWUlrwyiWHPbYSYPkMgI_JYgEHFwvaSVJgpJHvDNpnRibDgTIi8WSpjz5n-7YVrv6j5vJ9P797N582QaTbFXHqY7Bg7Dnxv4wkuhQvI2EtKJzg0GTUrGT1GfWiNhNH_b70Tcs9CMI2FMzs0CRbtwZZlagSxZOYanqI8XKYGvSs3r1WPuUml1MQbNK&sai=AMfl-YSoSpQ0VC8bXE5WCst83A3qjpiBVn9Qbg5uxVgaZr92FJUQd0NWQR43txuA7z4--G92mZkOFxKaGHU7AHkAJI9Q1UEEPEK5r0ajffi8NuOHigUOQGckCceBcTBOgfpiEmQflbfCRiuNn_mQeB3xkJp1b4ADlBWB6fzL4EeycGFh_YdzPT1WAT1eBeXjUd6lnAvq3ilOWHV9RARsLxVCyRcrJKte8rb8KiPqCpHpSM7qzftEY-7RHkFq0LMKg_y9iZyzTqQskSdQlg&sig=Cg0ArKJSzFWC9OhUw07LEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=283&cbvp=1&cstd=281&cisv=r20221207.00912&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 31 Dec 2022 09:21:30 GMT

GET
H2 204 v1
match.sharethrough.com/universal/ Frame E359 0
0 39ms
12ms Document
text/plain 3.69.128.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.128.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-128-123.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Sat, 31 Dec 2022 09:21:30 GMT

GET
H/1.1 204
No Content smw888.gif
us.ck-ie.com/ Frame 5023 0
0 273ms
88ms Document
text/plain 8.2.110.114
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Sat, 31 Dec 2022 09:21:30 GMT
Server: nginx

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame FAA7 29 KB
10 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 20:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 20:09:35 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 75C3 29 KB
10 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 20:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 20:09:35 GMT

GET
H2

200

7ctc1kcITs0Fu8pB9fMY Show response
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 217E
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/7ctc1kcITs0Fu8pB9fMY?pi=smilewanted&tc=1

0
426 B

29ms
28ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/7ctc1kcITs0Fu8pB9fMY?pi=smilewanted&tc=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7821f2053e4b927d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 09:21:30 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Sat, 31 Dec 2022 09:21:30 GMT Sat, 31 Dec 2022 09:21:30 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/7ctc1kcITs0Fu8pB9fMY?pi=smilewanted&tc=1
pragma: no-cache

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 2F1A
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_Gf-vY4...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

16ms
9ms

Script
application/javascript

2600:9000:214f:a000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:214f:a000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 16:54:38 GMT
x-amz-version-id: 2Pg_7dCiVzLnRDq1elVhHSnZiqqlc8yQ
content-encoding: gzip
via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 404813
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Dec 2022 16:54:35 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 3POU32pkYl3VbjQxQoGUvkYtf1l7tYuoWk6JNInZpTTtVCAv4gDqfQ==

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: nginx
x-server-name: app18.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 171E 91 KB
23 KB 53ms
14ms Script
application/javascript 2600:9000:214f:a000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 8703914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: vFyP_QgHqtvY3Af4sRImjtK1Dw85m9ijkYn1uT04nTduxqMy89Ip7w==

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame 72E6
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=24d5d2111c0b9b698ba36841a7691e64

43 B
1 KB

15ms
14ms

Document
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=24d5d2111c0b9b698ba36841a7691e64

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid: 3f816883-5dbb-4c31-ada2-f14b4a52b645
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 31 Dec 2022 09:21:30 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7821f2052e20927d-FRA
content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 09:21:30 GMT
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=24d5d2111c0b9b698ba36841a7691e64
server: cloudflare

GET
H3 200 css
fonts.googleapis.com/ Frame E1B4 6 KB
672 B 85ms
44ms Stylesheet
text/css 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 31 Dec 2022 09:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 31 Dec 2022 09:09:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 31 Dec 2022 09:21:30 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 7764
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_Gf-vY8...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

8ms
8ms

Script
application/javascript

2600:9000:214f:a000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:214f:a000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 16:54:38 GMT
x-amz-version-id: 2Pg_7dCiVzLnRDq1elVhHSnZiqqlc8yQ
content-encoding: gzip
via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 404813
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Dec 2022 16:54:35 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: CrSwBD59Fy81P7cJ8i0VpXizqYl7W9wrhQQRFrgFLsuBqRn-S-u8-Q==

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: nginx
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 5C78 91 KB
23 KB 11ms
11ms Script
application/javascript 2600:9000:214f:a000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 8703914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: KmapbvlvkW46kWW-QPjfYMk1IRTorbETHbxqe2NBSHXpoNAUbPfqpQ==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 98BF 22 KB
8 KB 13ms
12ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 241475
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 14:16:55 GMT
expires: Thu, 28 Dec 2023 14:16:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3488809637579780263
tpc.googlesyndication.com/simgad/ Frame E1B4 10 KB
10 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3488809637579780263

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49257f2b0e2f407b405d879814328ec4e6a62c4127d2e785beb4a0aa19f9ffaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 11:34:16 GMT
x-content-type-options: nosniff
age: 596834
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10345
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 15:21:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Dec 2023 11:34:16 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90F7
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELzL2L28q4812vpLh-UIzGU&google_cver=1&google_push=AavPq0NWuK9OKUq1Pq9ipvjrrB8z4oLUFGugSaWjrkuQGC6cliZBQeiXwViOsV0ifrZ9avL5Cj9lzNsHcHBJnkPLpUMySGrftidQ6A
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E7A2B62F53D146028BC9E6C1F559061C&google_push=AavPq0NWuK9OKUq1Pq9ipvjrrB8z4oLUFGugSaWjrkuQGC6cliZBQeiXwViOsV0ifrZ9avL5Cj9lzNsHcHBJnkP...

170 B
188 B

43ms
43ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E7A2B62F53D146028BC9E6C1F559061C&google_push=AavPq0NWuK9OKUq1Pq9ipvjrrB8z4oLUFGugSaWjrkuQGC6cliZBQeiXwViOsV0ifrZ9avL5Cj9lzNsHcHBJnkPLpUMySGrftidQ6A

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 31 Dec 2022 09:21:30 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E7A2B62F53D146028BC9E6C1F559061C&google_push=AavPq0NWuK9OKUq1Pq9ipvjrrB8z4oLUFGugSaWjrkuQGC6cliZBQeiXwViOsV0ifrZ9avL5Cj9lzNsHcHBJnkPLpUMySGrftidQ6A
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 30 Dec 2022 09:21:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90F7
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMwvA-jOx95tAFV1RvGMyq4&google_cver=1&google_push=AavPq0Ns_E02VU54JacsnwgAeIWM2UXpHGDm4xtrSNKLTlpeaT1NX9l27c1C6nEnR7aemHOtjWK5FoZGHTj...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Ns_E02VU54JacsnwgAeIWM2UXpHGDm4xtrSNKLTlpeaT1NX9l27c1C6nEnR7aemHOtjWK5FoZGHTj9fSS2H1mhAruXTvyrmg&google_hm=kmDKUYTxRLeCaiDAEL...

170 B
188 B

44ms
43ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Ns_E02VU54JacsnwgAeIWM2UXpHGDm4xtrSNKLTlpeaT1NX9l27c1C6nEnR7aemHOtjWK5FoZGHTj9fSS2H1mhAruXTvyrmg&google_hm=kmDKUYTxRLeCaiDAELqxOCM

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Ns_E02VU54JacsnwgAeIWM2UXpHGDm4xtrSNKLTlpeaT1NX9l27c1C6nEnR7aemHOtjWK5FoZGHTj9fSS2H1mhAruXTvyrmg&google_hm=kmDKUYTxRLeCaiDAELqxOCM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90F7
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFLA40TKfyheTouIcQQjGdI&google_cver=1&google_push=AavPq0PkZcOlkkcRSC6yyIRAubT0qaxLfkiPQmkaoDW-UM9rzIlji0cJwqJ5iFHjvLAHOU3-SvdA7tawtCor2zXgC7895uU...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PkZcOlkkcRSC6yyIRAubT0qaxLfkiPQmkaoDW-UM9rzIlji0cJwqJ5iFHjvLAHOU3-SvdA7tawtCor2zXgC7895uUEa3VYcg&google_hm=eS1zN1NOTlVGRTJwSHlI...

170 B
188 B

46ms
45ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PkZcOlkkcRSC6yyIRAubT0qaxLfkiPQmkaoDW-UM9rzIlji0cJwqJ5iFHjvLAHOU3-SvdA7tawtCor2zXgC7895uUEa3VYcg&google_hm=eS1zN1NOTlVGRTJwSHlIOXZoblpzY1JpM2pOMmdCdndsVn5B

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 31 Dec 2022 09:21:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0PkZcOlkkcRSC6yyIRAubT0qaxLfkiPQmkaoDW-UM9rzIlji0cJwqJ5iFHjvLAHOU3-SvdA7tawtCor2zXgC7895uUEa3VYcg&google_hm=eS1zN1NOTlVGRTJwSHlIOXZoblpzY1JpM2pOMmdCdndsVn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90F7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELt_9tA64n2c7lShc-0DRpk&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELt_9tA64n2c7lShc-0DRpk&google_hm=Y6__GX4k0RL85DpHIYUDBgAADHgAAAIB&google_nid=index&google_push=AavPq0M1VNsNsZfjJqtCyrjMknAg1hO5cJpJy...

170 B
188 B

44ms
43ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELt_9tA64n2c7lShc-0DRpk&google_hm=Y6__GX4k0RL85DpHIYUDBgAADHgAAAIB&google_nid=index&google_push=AavPq0M1VNsNsZfjJqtCyrjMknAg1hO5cJpJy4tRuYKxTEpfG_sMR_xnue3M1FgdplzXUpCbsvb0XZRh1deYt1rbumqvPZbqNBLu

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQ5Rf1SHn7ItKrLea0OgnQ0z534goMYaEvvPQ8IzLkrwa%2F3RFv7JRqj5%2B3CZfXIMvPDoTr66K7XT19ZbeXD2Jla6wmikXllhDWMjsZuVhXioJuFy%2Bwe1MPFt78WQ4wK13o9HiRts%2B0NDbA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELt_9tA64n2c7lShc-0DRpk&google_hm=Y6__GX4k0RL85DpHIYUDBgAADHgAAAIB&google_nid=index&google_push=AavPq0M1VNsNsZfjJqtCyrjMknAg1hO5cJpJy4tRuYKxTEpfG_sMR_xnue3M1FgdplzXUpCbsvb0XZRh1deYt1rbumqvPZbqNBLu
cache-control: no-cache
cf-ray: 7821f2061e5abbe3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90F7
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENBwKOMT3OmQlcjtO7tc7dE&google_cver=1&google_push=AavPq0OoL6GvTRM8Sn9KhdnMv0Wqo4ZEX-IuIRFRr6EOQ5bfln9vrckQ_q5URIo-uZOgQoxHh99uhVAdGMF5sDxdT...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENBwKOMT3OmQlcjtO7tc7dE&google_cver=1&google_push=AavPq0OoL6GvTRM8Sn9KhdnMv0Wqo4ZEX-IuIRFRr6EOQ5bfln9vrckQ_q5URIo-uZOgQoxHh99uhVAdGMF5sDxdT...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OoL6GvTRM8Sn9KhdnMv0Wqo4ZEX-IuIRFRr6EOQ5bfln9vrckQ_q5URIo-uZOgQoxHh99uhVAdGMF5sDxdT2MX6Mg41HqQvg&google_hm=F6ERvGZHntJY28Y3QlS6...

170 B
188 B

44ms
43ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OoL6GvTRM8Sn9KhdnMv0Wqo4ZEX-IuIRFRr6EOQ5bfln9vrckQ_q5URIo-uZOgQoxHh99uhVAdGMF5sDxdT2MX6Mg41HqQvg&google_hm=F6ERvGZHntJY28Y3QlS6XFaB

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 31 Dec 2022 09:21:30 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OoL6GvTRM8Sn9KhdnMv0Wqo4ZEX-IuIRFRr6EOQ5bfln9vrckQ_q5URIo-uZOgQoxHh99uhVAdGMF5sDxdT2MX6Mg41HqQvg&google_hm=F6ERvGZHntJY28Y3QlS6XFaB
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90F7
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0Nnk5E1P5w--...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0Nnk5E1P5w--KFgG1B_-ngkXlcSG8...

170 B
188 B

42ms
42ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0Nnk5E1P5w--KFgG1B_-ngkXlcSG8sG1NKSm9GXkdBZkA-pLCJGHTSifEEbOBiiARylK-WY-Q2xkOZ5rTSPAHxh1jMosA7a6A

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 31 Dec 2022 09:21:30 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c32099d5-77c2-4332-a4c2-d72fb4b8a8ff
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0Nnk5E1P5w--KFgG1B_-ngkXlcSG8sG1NKSm9GXkdBZkA-pLCJGHTSifEEbOBiiARylK-WY-Q2xkOZ5rTSPAHxh1jMosA7a6A
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90F7
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEPJJQsSHP...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0f105afb-2092-42b4-a326-8c182e7c26d7&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

43ms
43ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0f105afb-2092-42b4-a326-8c182e7c26d7&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0f105afb-2092-42b4-a326-8c182e7c26d7&%%GOOGLE_PUSH_PAIR%%
date: Sat, 31 Dec 2022 09:21:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 90F7 0
12 B 43ms
42ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JpJSOaXcN5YM5DfCWEvEDGzo97_sVgMrm9hmqRJXIVBJV_WJf4x-195waNt0hdhvkZBnFX--s

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame AF60 1 KB
824 B 68ms
35ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7821f205fbe72bf1-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 09:21:30 GMT
server: cloudflare

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame EF39 13 KB
13 KB 42ms
11ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 17:43:57 GMT
x-content-type-options: nosniff
age: 401853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 17:43:57 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame EF39 13 KB
13 KB 41ms
9ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:50:20 GMT
x-content-type-options: nosniff
age: 52270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 18:50:20 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2F1A 43 B
215 B 562ms
163ms Image
image/gif 2600:1f13:800:7781:4e87:2a9d:c066:aa6b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=db0458b7-4be3-4dc2-9a1b-090ece622c21&tv=%7Bc:ymEG4z,pingTime:-3,time:174,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:174,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B169~0%5D,as:%5B169~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:trAhiNT+111%7C112%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C161%7C162%7C17%7C18%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d*.990511-61634100%7C1d1%7C1d2%7C1d3%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j,idMap:1d*,rmeas:1,rend:0,renddet:na,siq:24%7D&br=c
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:4e87:2a9d:c066:aa6b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2F1A 43 B
216 B 557ms
161ms Image
image/gif 2600:1f13:800:7781:4e87:2a9d:c066:aa6b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=db0458b7-4be3-4dc2-9a1b-090ece622c21&tv=%7Bc:ymEG4B,pingTime:-6,time:176,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:176,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B170~0%5D,as:%5B170~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:trAhiNT+111%7C112%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C161%7C162%7C17%7C18%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d*.990511-61634100%7C1d1%7C1d2%7C1d3%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j,idMap:1d*,rmeas:1,rend:0,renddet:na,siq:24%7D&tpiLookup=ao:www.walla.co.il*&br=c
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:4e87:2a9d:c066:aa6b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1

200
OK

getuid Show response
sync.smartadserver.com/ Frame 1F31
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

0
75 B

21ms
21ms

Document
text/plain

185.86.139.89
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 31 Dec 2022 09:21:30 GMT

Redirect headers

cache-control: no-cache,no-store
content-length: 0
date: Sat, 31 Dec 2022 09:21:30 GMT
location: https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1B5D 22 KB
8 KB 11ms
10ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 241475
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Dec 2022 14:16:55 GMT
expires: Thu, 28 Dec 2023 14:16:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame C122 35 B
463 B 45ms
10ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEF3md_hvwJUqawG4SNiNq70&google_cver=1&google_push=AavPq0O9kXcplwmW2bmYbOxkL3raVXYT_jCNjBEhwj3FmK-BtsJZpkTnMJYpivYNFIRv-XBoV_RNmW0Xo-S69VE5zD4V92C4qOwj

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C122
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTYtLUdRQUFEZEdKWndBZQ==&google_gid=CAESEDAIWOy4pprOpqvcnBgWQUk&google_cver=1&google_push=AavPq0NNUu6_ZrRhGeehMyBwPwR2zdBPeB...

170 B
188 B

45ms
44ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTYtLUdRQUFEZEdKWndBZQ==&google_gid=CAESEDAIWOy4pprOpqvcnBgWQUk&google_cver=1&google_push=AavPq0NNUu6_ZrRhGeehMyBwPwR2zdBPeBzkpc1DeeHCNdLREBkK2ulqHTy5Uuce0jnvNyfR6NrOEVkxM6L3FBezPyg-YAZ1DAh_

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220042-HHN
pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1672478491.558193,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WTYtLUdRQUFEZEdKWndBZQ==&google_gid=CAESEDAIWOy4pprOpqvcnBgWQUk&google_cver=1&google_push=AavPq0NNUu6_ZrRhGeehMyBwPwR2zdBPeBzkpc1DeeHCNdLREBkK2ulqHTy5Uuce0jnvNyfR6NrOEVkxM6L3FBezPyg-YAZ1DAh_
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C122
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMwvA-jOx95tAFV1RvGMyq4&google_cver=1&google_push=AavPq0Pn5JundSjU_njUkC9HNJNV-UpOT8W1Qq2ov2Txl-EMg8ARlK-mASW6WSuSfE2YibYIu2Svxc77F1F...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Pn5JundSjU_njUkC9HNJNV-UpOT8W1Qq2ov2Txl-EMg8ARlK-mASW6WSuSfE2YibYIu2Svxc77F1FpM7yH0-4s0la0xQZV&google_hm=J7rhZ-oiQJq6ddfLBtdJRCM

170 B
188 B

45ms
44ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Pn5JundSjU_njUkC9HNJNV-UpOT8W1Qq2ov2Txl-EMg8ARlK-mASW6WSuSfE2YibYIu2Svxc77F1FpM7yH0-4s0la0xQZV&google_hm=J7rhZ-oiQJq6ddfLBtdJRCM

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AavPq0Pn5JundSjU_njUkC9HNJNV-UpOT8W1Qq2ov2Txl-EMg8ARlK-mASW6WSuSfE2YibYIu2Svxc77F1FpM7yH0-4s0la0xQZV&google_hm=J7rhZ-oiQJq6ddfLBtdJRCM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C122
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFLA40TKfyheTouIcQQjGdI&google_cver=1&google_push=AavPq0Nh8-mDW1CN89bAX_Sm_mEbg2JtpsCS0G_1oQfjQOjTZoFfyhWM6lI8HstBsWWGmSciGDlSdeFmXOWbdVbnHxPEPlu...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Nh8-mDW1CN89bAX_Sm_mEbg2JtpsCS0G_1oQfjQOjTZoFfyhWM6lI8HstBsWWGmSciGDlSdeFmXOWbdVbnHxPEPlugc7M&google_hm=eS1zN1NOTlVGRTJwSHlIOXZ...

170 B
188 B

45ms
45ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Nh8-mDW1CN89bAX_Sm_mEbg2JtpsCS0G_1oQfjQOjTZoFfyhWM6lI8HstBsWWGmSciGDlSdeFmXOWbdVbnHxPEPlugc7M&google_hm=eS1zN1NOTlVGRTJwSHlIOXZoblpzY1JpM2pOMmdCdndsVn5B

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 31 Dec 2022 09:21:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Nh8-mDW1CN89bAX_Sm_mEbg2JtpsCS0G_1oQfjQOjTZoFfyhWM6lI8HstBsWWGmSciGDlSdeFmXOWbdVbnHxPEPlugc7M&google_hm=eS1zN1NOTlVGRTJwSHlIOXZoblpzY1JpM2pOMmdCdndsVn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C122
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QTOxV9o4RluFaQgHyu3FUQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

49ms
48ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QTOxV9o4RluFaQgHyu3FUQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NHUna2KmXmukyDEq-hTRdSZjHroBuP6qFp-I8fh5Pv58XVMviGwxlVdYAabBktxcxNgkIRpcbzn9vYqnglFwk71rkOo0gg

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QTOxV9o4RluFaQgHyu3FUQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0NHUna2KmXmukyDEq-hTRdSZjHroBuP6qFp-I8fh5Pv58XVMviGwxlVdYAabBktxcxNgkIRpcbzn9vYqnglFwk71rkOo0gg
date: Sat, 31 Dec 2022 09:21:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame C122 0
75 B 29ms
20ms Image
text/plain 185.86.137.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPs4UjwNPVBl7TJkc8rm47c&google_cver=1&google_push=AavPq0MO1AysYurfpCPP7mIQmdjmIgvgX-sLV6SYhvZUem6AioeCcyD7kbZo0508F3k-cVFvwKAnudFywead1C0x_2u1u-OZ5_QR
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:29 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C122
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0P4ZAz9asUGI...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0P4ZAz9asUGI2AE-tNCfayIWVqZRU...

170 B
188 B

45ms
43ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0P4ZAz9asUGI2AE-tNCfayIWVqZRU7WxjbUoOuVXrn-hgnCrzLr4P2lzLUTKUEsoMzD54k_a5KodzbZ5CnMXWzw5Hkmtw65

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 31 Dec 2022 09:21:30 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 04a1a70e-e037-46f5-a114-3cdb4ba15509
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjE0Mjg4NDA4ODkyMzYyNjEyOQ%3D%3D&google_gid=CAESECB5Tj76sRNu8mV-91GVqV0&google_cver=1&google_push=AavPq0P4ZAz9asUGI2AE-tNCfayIWVqZRU7WxjbUoOuVXrn-hgnCrzLr4P2lzLUTKUEsoMzD54k_a5KodzbZ5CnMXWzw5Hkmtw65
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C122 0
12 B 48ms
41ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQ11N3_yk7fVUwZ6zDZ6_FDnDF3yOco5YpwxbwE8hdzJ0hw-ClpSV8wQ6hKBbRH3WluatdGQ

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame E1B4 36 KB
16 KB 26ms
19ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 20:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 20:49:24 GMT

GET
H2

200

fc427e9a-95ca-4a00-8475-b0fb3a912b99&partner_id=1010 Show response
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 2285
Redirect Chain

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
https://csync.smilewanted.com/set_partner_userid_get/improve/fc427e9a-95ca-4a00-8475-b0fb3a912b99&partner_id=1010

0
685 B

25ms
25ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/improve/fc427e9a-95ca-4a00-8475-b0fb3a912b99&partner_id=1010
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7821f2062fec927d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 09:21:30 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Sat, 31 Dec 2022 09:21:30 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/improve/fc427e9a-95ca-4a00-8475-b0fb3a912b99&partner_id=1010
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame E944 23 KB
9 KB 9ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 452343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Dec 2022 03:42:27 GMT
expires: Tue, 26 Dec 2023 03:42:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 743A 0
20 B 52ms
51ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=34&d=1&s=1&f=0.01&li=v_h.3.549.0&bgai=BwDy8Gf-vY_ToFO3mzAa5saTYCwAAAAA4AeAEAg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7764 43 B
215 B 525ms
162ms Image
image/gif 2600:1f13:800:7781:4e87:2a9d:c066:aa6b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ce28b9cf-602a-859f-7d24-b3896159f8f4&tv=%7Bc:ymEG5a,pingTime:-3,time:122,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:122,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B113~0%5D,as:%5B113~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:trAhiNT+111%7C112%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C161%7C162%7C17%7C18%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d.990511-61634100%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.990511-61634100%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k,idMap:1e*,rmeas:1,rend:0,renddet:na,siq:25%7D&br=c
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:4e87:2a9d:c066:aa6b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7764 43 B
215 B 518ms
162ms Image
image/gif 2600:1f13:800:7781:4e87:2a9d:c066:aa6b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ce28b9cf-602a-859f-7d24-b3896159f8f4&tv=%7Bc:ymEG5g,pingTime:-6,time:128,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:128,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B119~0%5D,as:%5B119~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:trAhiNT+111%7C112%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C161%7C162%7C17%7C18%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d.990511-61634100%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.990511-61634100%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k,idMap:1e*,rmeas:1,rend:0,renddet:na,siq:25%7D&tpiLookup=ao:www.walla.co.il*&br=c
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:4e87:2a9d:c066:aa6b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 0C08 0
0 8ms
8ms Document
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2F1A 43 B
215 B 650ms
320ms Image
image/gif 2600:1f13:800:7781:4e87:2a9d:c066:aa6b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=db0458b7-4be3-4dc2-9a1b-090ece622c21&tv=%7Bc:ymEG5H,pingTime:-2,time:244,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:824,beZ:826,mfA:827,cmA:828,inA:828,inZ:831,prA:831,prZ:843,si:847,poA:848,poZ:869,cmZ:869,mfZ:869,loA:1000,loZ:1002,ltA:1068,ltZ:1068%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:244,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B238~0%5D,as:%5B238~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:trAhiNT+111%7C112%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C161%7C162%7C17%7C18%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d*.990511-61634100%7C1d1%7C1d2%7C1d3%7C1e.990511-61634100%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j,idMap:1d*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:24,sinceFw:220,readyFired:true%7D&br=c
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:4e87:2a9d:c066:aa6b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8E2A 16 KB
6 KB 16ms
15ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=92311
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 31 Dec 2022 09:21:30 GMT
expires: Sun, 01 Jan 2023 11:00:01 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7764 43 B
215 B 619ms
319ms Image
image/gif 2600:1f13:800:7781:4e87:2a9d:c066:aa6b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ce28b9cf-602a-859f-7d24-b3896159f8f4&tv=%7Bc:ymEG6b,pingTime:-2,time:185,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:908,beZ:910,mfA:915,cmA:916,inA:917,inZ:920,prA:920,prZ:928,si:933,poA:934,poZ:954,cmZ:954,mfZ:954,loA:1036,loZ:1038,ltA:1093,ltZ:1093%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:185,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B176~0%5D,as:%5B176~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:trAhiNT+111%7C112%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C161%7C162%7C17%7C18%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d.990511-61634100%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.990511-61634100%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k,idMap:1e*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:25,sinceFw:158,readyFired:true%7D&br=c
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:4e87:2a9d:c066:aa6b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E1B4 15 KB
15 KB 25ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 135555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 19:42:15 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7764 0
0 56ms
56ms Fetch
image/gif 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9XUxJjrihcn1-eIFGPnFDWijq178atcWiViN9swhQFduiqTYsmVtsYR3QelQBH90ILNw8wVVuWIR4vd1ANGZl2041-3UhjcMRyj7AmAOv84dx0CjwnEu5-JzWUMtHoD77_NILkDIfGnksF5TFx-RvFWCy3_m5J5wrzexaX_onYDnwvoBxvIm68qFsLCcACFfOpUO21rdcF6zNuauYIKZjoVOEB_SdcVJkIpLeGAjtpjo1RNDGHlr0dZ9pkVijPqfLar2h5t176qDQNL0EW0bcedGuLjwYmMZEmXcLU2BF7duqATbyd8zzrcjQMY_41WVbT6cjc_mjE0Y05sgb2mF0oENexMdQpls_0okp9uist9WUZzWA6cBrnuXI_In3gtP6rj_JMFtAAIfMhYC_GiXhkDcOVEJfugMjTHgxI8eL3SlsyZjgr9qxhavo9LaSK-CEhbkzl1DPqVntkUcADg7HIRjuWeMqoOSFozk6eX4pPqqtQTdTPcAZNj9YIWe-YjXF7Opizrw422SUxwfZNQCQgJvCEDWUnIgHVGpxd9oLJ4DV7SW1JZ0T8lJWqI2CgQTNMugeft3CwXP4FPHYtcZ44iYbn3vlsjF7bCYzak65P8bJ-IWqry-ywZXRGEz5tgy-Ovr1-7saxlyGOyZfEod8jds3kXoalRm5GAgOPxLOUYpyaGHWkDRcTBaKEKIyNhXJIRFcYEdn7UQEUIgczhXkkfpxcGoSzIevThfHc9Bv27ynUS8wpIFGdjVuPsQG-t01746xY5gUftgcem9zyasw6vMrdBgrwj54iCrVdu5PZR9VJH68wPfMpQYRRdWCujarrZ19TjNNQOmocqedWGksYS7tNZhPaYUDYgy7dcrTVa6T-fGntaYTT5kDSSKCoH93L6wzTAk_B--FYyfvpQMAAbwWvNT53_rS-udyEQI4tRPjzkBGi1_lWYwn2t6ssUSghlGmZ_Hga-fe8IcvtlJpK4y7wcz4Yc6YCuXMsdjhQpJMXC7e5evY1SqZqCWi7s3TLqj2FdB2SiEHgTQC2Q7l_twN8h29nF-N41DocjrnhvlBEzIYKvMVCoNaMkAICKQSm5-JOzDjS5NPUyOUWKQD_KP-_4sy1HBsrBNPguba3fFwGmzTVggdQvKIfi9t2KV6qkukSCRKvobzK3UzEUA0AjrA4i4lNeDD21gRvyU5BqiB_xB1xL21P6ZI19JyY0lC3_HY-HYl-Ymv9P8hxIvqUuEk3G_feqS32eezAShy2oGAz2kwd3Zktykv0w&sai=AMfl-YR5Hovb-Ux_P5CdHZo94JyO5bp383Gx2nCjMejYGz0JwUmWvJCJwV6J3-lkGMqwSbhZJc9kOlx1FZpviWZJvIpeYc88Qqyy0QO7qTqFY7gPdA9qxFmER4FSiHXQaPAN2b7bPW2Zb31IgsNph5mg-GXh7oCRRzsG7g4cG-SJEo_SuGZGtguLQ6ZpDinJYkzR1CDr8M6Pc1l5ZFwn-1N4At4p7686qOADRB37EgvQdTXAGuxJFajA8W9KpA5geLsPHWkS-ZHiZqpc1Q&sig=Cg0ArKJSzBLj-Ln4-dFjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=824&vt=11&dtpt=557&dett=3&cstd=266&cisv=r20221207.13047&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 31 Dec 2022 09:21:30 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2F1A 0
0 57ms
57ms Fetch
image/gif 142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEe3E6nu7RSA6XeTCrrvkCT_YxM9ZCnaClvJ1cAmXcESiycUld-eof2LKMi_GVcg7tFHQ1CgR2Y-KCjG0ifT4FQjh_9qB2lGar38CokmCLt8tArKNMr8r1A87WHlxSDuUstue2ZcoqGP8vCBZKc2jepDPfU4apVf2ADMwo1w_r-E_6KendPlKvoxrKqb5Clt79EKYG_QRQfx2derZ2RH8bfKXH6GaFYhyG8s75W59kH1CSMHqKC4Unrz1gV4dZGhsPGJEUaMM8-c58iISdbf8lXcYk04g0YHoGvy10uAjDA3EtR7KJPBbkKHrTbv6tyP9VWpBLulivznnFUi-rGoa19LVrH26NEyO9nzHxCcNoANWfqGyecD_aSYnJWOpyEkW6VIJzempci2_MbAr3gNu8oz5kpgQ5pf73WsKj3RrTptit4Br2YrZ-ZI_RKFTMS5j13GTCWaijcgd9OJcYzSYZlLElzDz4Knp72qfo1Op6TgGofIw5CbxyQ_IYDI7-67D8hZgSw2lagYLnzauL1C4hHFpxXxrKenSuvkPqlkbASmZ94gww6oq2VRzyotcHWoX1LlxXTm-RWcvDRyrturdpx4GV0W5KVk-SqRxG13BoVMuA3impIu_vlOHZ1uEDUH547ImHlH-afHOO_SVDzVaJI6slrE0mvghAqRXsQIUBtq915MAJtTWfuhSlL4BkiO_wNil0Qxl1ZWFDeJegkIGfRjaouMH7cLBNFGBhk0KNdcpp1m8gi7jW0jqVAhkASWsxEuOGS4TYYzE3ZZgSJT_wHtf-mpo22BdEDh92QRtjIz_QRGVRI_lJ5ZESz0Snn_X5PcHafdfqvXbhGC1LCa1EihSQRYn7tM2Ste8x2jiodDTd4ezGpmraGs9og6edoSkukUC5-PR5lR809ZpWtsfPy-ZOKaq2aCjn6lc59DrYxNogoZJnZ0U8h58uglZuicAUu8D_RIRUmzk2Iw54MuZheGjoR7VSdaQ2G_Uo5KI5_E_v99kjMEA86WkaFiqSaMGQIMCQQ0MLzGfrQvExMy1q5Zso31VUqRiPmlK5oehT5fBB5ncDZpL0RPtjSc8bWUlrwyiWHPbYSYPkMgI_JYgEHFwvaSVJgpJHvDNpnRibDgTIi8WSpjz5n-7YVrv6j5vJ9P797N582QaTbFXHqY7Bg7Dnxv4wkuhQvI2EtKJzg0GTUrGT1GfWiNhNH_b70Tcs9CMI2FMzs0CRbtwZZlagSxZOYanqI8XKYGvSs3r1WPuUml1MQbNK&sai=AMfl-YSoSpQ0VC8bXE5WCst83A3qjpiBVn9Qbg5uxVgaZr92FJUQd0NWQR43txuA7z4--G92mZkOFxKaGHU7AHkAJI9Q1UEEPEK5r0ajffi8NuOHigUOQGckCceBcTBOgfpiEmQflbfCRiuNn_mQeB3xkJp1b4ADlBWB6fzL4EeycGFh_YdzPT1WAT1eBeXjUd6lnAvq3ilOWHV9RARsLxVCyRcrJKte8rb8KiPqCpHpSM7qzftEY-7RHkFq0LMKg_y9iZyzTqQskSdQlg&sig=Cg0ArKJSzFWC9OhUw07LEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=813&vt=11&dtpt=530&dett=3&cstd=281&cisv=r20221207.00912&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 31 Dec 2022 09:21:30 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E1B4 15 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 405398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E1B4 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 45646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 20:40:44 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F74A 42 B
64 B 105ms
62ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVKwBXH2ivIVXBj6P1YHOOO-PpimLSGCiSA-HBSIpG6Go08aPn92i8UzOntgjHNwh1r5cUNKTxzLP7Lhm0BH1lDNrppAFfpcUOyM7LYaTHRKAZjSLzmvE3W7xZZaN2Il9TQdtkHw&sai=AMfl-YSdbSjtBgmuL-JkM21L86pEUcF3lnRa7raw7Ol3EnkgQg1U05rayFQopR_nuPuh23jtRIqOLwL4hmi5t5ORVJkPfDGeZ9z1Ew0m20xeS2ApBTY0ChG9yKASGvxqYpc&sig=Cg0ArKJSzAPNntPFt_doEAE&cid=CAQSPADq26N94g0XqHU-yu5B0gCS9WHy4aekD5nsV-huSsLAMM6p7NdBs3QdDZsnhUSzGKr9ZlBrf-ILEinQBxgBIBM&id=lidar2&mcvt=1081&p=20,436,110,1164&mtos=1081,1081,1081,1081,1081&tos=1081,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=885339185&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672478489017&rpt=623&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8E2A 2 KB
3 KB 13ms
13ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83154305&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 360a522150a379f438dc85314847f0268b623a9be062257a1c7507c4a6027f2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 09:21:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 98BF 36 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 20:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 20:49:24 GMT

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame CBF4 0
0 34ms
21ms Document
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7821f207be7e2bf1-FRA
date: Sat, 31 Dec 2022 09:21:30 GMT
server: cloudflare

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1540366654&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20-%20%D7%94%D7%90%D7%AA%D7%A8%20%D7%94%D7%9E%D7%95%D7%91%D7%99%D7%9C%20%D7%91%D7%99%D7%A9%D7%A8%D7%90%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%9E%D7%A1%D7%91%D7%99%D7%91%20%D7%9C%D7%A9%D7%A2%D7%95%D7%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=ForcedPlay&el=Google&_u=aEDAAEABEAAAACAAI~&jid=&gjid=&cid=1379669123.1672478488&tid=UA-4780630-1&_gid=382441059.1672478488&gtm=2wgbu0T728TH&cd1=1379669123.1672478488&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd10=0&cd20=no&cd22=0&cd23=0&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=&cd116=0&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd45=Google&cd47=Live&cd49=&cd50=Live&cd72=true&cm9=1&z=277958180

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 16:42:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59925
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B5D 36 KB
16 KB 20ms
19ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 20:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 20:49:24 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame E944 36 KB
16 KB 22ms
21ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 21:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 21:35:44 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame FAA7 2 KB
1 KB 22ms
20ms Image
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 09:30:54 GMT

GET
H3 200 flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame FAA7 4 KB
2 KB 166ms
164ms Image
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1508
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 09:36:31 GMT

GET
H3 200 head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame FAA7 11 KB
3 KB 25ms
23ms Image
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3285
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 09:30:55 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame FAA7 4 KB
2 KB 24ms
22ms Image
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 09:30:54 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame FAA7 6 KB
2 KB 24ms
22ms Image
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 09:29:20 GMT

GET
H3 200 300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame FAA7 38 KB
38 KB 201ms
200ms Image
image/jpeg 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:31 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38528
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 09:36:31 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 75C3 2 KB
1 KB 22ms
20ms Image
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 09:30:54 GMT

GET
H3 200 flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 75C3 4 KB
2 KB 166ms
164ms Image
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1508
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 09:36:31 GMT

GET
H3 200 head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 75C3 11 KB
3 KB 25ms
24ms Image
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3285
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 09:30:55 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 75C3 4 KB
2 KB 25ms
23ms Image
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 09:30:54 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 75C3 6 KB
2 KB 24ms
23ms Image
image/svg+xml 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 09:29:20 GMT

GET
H3 200 300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 75C3 38 KB
38 KB 204ms
203ms Image
image/jpeg 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:31 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38528
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 31 Dec 2022 09:36:31 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame DA47
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cf5463af-ff1b-4a00-8166-3bf50d84b994&gdpr=0&gdpr_consent=

42 B
556 B

49ms
15ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cf5463af-ff1b-4a00-8166-3bf50d84b994&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 31 Dec 2022 09:21:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sat, 31 Dec 2022 09:21:30 GMT
Expires: Sat, 31 Dec 2022 09:21:29 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 277 3f0ad7a master zrh-pixel-x13 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cf5463af-ff1b-4a00-8166-3bf50d84b994&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame F10D
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6336672988600916080

42 B
424 B

103ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6336672988600916080
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 31 Dec 2022 09:21:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6336672988600916080
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame A9F9 43 B
363 B 107ms
16ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:30 GMT
expires: Sat, 31 Dec 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 485958
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame A37E
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4133B157-DA38-465B-8569-0807CAEDC551&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4133B157-DA38-465B-8569-0807CAEDC551&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

192ms
192ms

Document
image/gif

54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4133B157-DA38-465B-8569-0807CAEDC551&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 31 Dec 2022 09:21:31 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: NSQVAMH9HWTBJ5MV5P0R

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 31 Dec 2022 09:21:31 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4133B157-DA38-465B-8569-0807CAEDC551&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: DMK1W789FBXSKP1XHWNK

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 37F7
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6142884088923626129&gdpr=0&gdpr_consent=

42 B
218 B

14ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6142884088923626129&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 31 Dec 2022 09:21:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 2cd1fe33-648a-4919-8a4e-8d4a79f57056
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sat, 31 Dec 2022 09:21:30 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6142884088923626129&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2 200 4133B157-DA38-465B-8569-0807CAEDC551 Show response
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame D520 0
544 B 31ms
27ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/4133B157-DA38-465B-8569-0807CAEDC551
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7821f2081b84927d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 09:21:30 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8E2A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=QTOxV9o4RluFaQgHyu3FUQ%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

17ms
17ms

Image
text/html

2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:31 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=92310
accept-ranges: bytes
content-length: 5554
expires: Sun, 01 Jan 2023 11:00:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 8E2A 95 B
382 B 54ms
24ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=4133B157-DA38-465B-8569-0807CAEDC551
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:30 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7821f2083f31bb71-FRA
access-control-allow-headers: *
content-length: 95

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 8E2A 49 B
265 B 117ms
32ms Image
image/gif 52.214.61.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=4133B157-DA38-465B-8569-0807CAEDC551&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.61.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-61-187.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.0.163
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 8E2A
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3527243415
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=4133B157-DA38-465B-8569-0807CAEDC551

0
277 B

72ms
16ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=4133B157-DA38-465B-8569-0807CAEDC551
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
via: 1.1 google
last-modified: Sat, 31 Dec 2022 09:21:31 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=4133B157-DA38-465B-8569-0807CAEDC551
date: Sat, 31 Dec 2022 09:21:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8E2A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDEzM0IxNTctREEzOC00NjVCLTg1NjktMDgwN0NBRURDNTUx&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

109ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 31 Dec 2022 09:21:31 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8E2A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO3ueZg13ru9ALU0Lhv2XyQ&google_cver=1

42 B
298 B

110ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO3ueZg13ru9ALU0Lhv2XyQ&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 31 Dec 2022 09:21:31 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO3ueZg13ru9ALU0Lhv2XyQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 8E2A 43 B
409 B 18ms
14ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:30 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 30 Dec 2022 09:21:30 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8E2A 70 B
265 B 146ms
38ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8E2A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9177322222555914654

42 B
218 B

14ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9177322222555914654
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 31 Dec 2022 09:21:30 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=9177322222555914654
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 4 B
332 B 93ms
93ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=8217e8671a2bd29f54af33de9b10d6ae_1769_1672478489837&tm=2996&eT=0&widgetWidth=863&widgetHeight=41&widgetX=537&widgetY=12295&wRV=201010&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1208&oo=true&lo=568&odbreq=2944&odbres=4151&mvreq=2944&mvres=4151&cet=4g&to=1672478486811&umv=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 31 Dec 2022 09:21:31 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: 120a01f20ead159e31c8b06876dcff9d
Content-Length: 4
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 4 B
332 B 170ms
88ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=e352d4ac84828406f4b10a35527b1826_1769_1672478489986&tm=3002&eT=0&widgetWidth=863&widgetHeight=283&widgetX=537&widgetY=12356&wRV=201010&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=568&odbreq=2944&odbres=4151&mvreq=2944&mvres=4151&re=4158&cet=4g&cs=5&to=1672478486811&umv=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 31 Dec 2022 09:21:31 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: 2f710824183a3dc2f7e17986112df846
Content-Length: 4
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 4 B
332 B 256ms
86ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=3b705afca5c1b93450ea6a3f582642a6_1769_1672478490188&tm=3012&eT=0&widgetWidth=863&widgetHeight=283&widgetX=537&widgetY=12663&wRV=201010&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=568&odbreq=2944&odbres=4151&mvreq=2944&mvres=4151&re=4168&cet=4g&cs=5&to=1672478486811&umv=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 31 Dec 2022 09:21:31 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: cad8375d205c496fa1b6a7ee05e0362a
Content-Length: 4
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 4 B
332 B 342ms
87ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=dbf9e3f74d46ddc4602d5df2d93f4b36_1769_1672478490342&tm=3014&eT=0&widgetWidth=863&widgetHeight=401&widgetX=537&widgetY=12970&wRV=201010&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=568&odbreq=2944&odbres=4151&mvreq=2944&mvres=4151&re=4169&cet=4g&cs=5&to=1672478486811&umv=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 31 Dec 2022 09:21:31 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: 23ac90f57b3a38baa9442c75f2803a9a
Content-Length: 4
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 4 B
332 B 341ms
86ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=44e5387333e4ad1338cd71085f85b8cc_1769_1672478490602&tm=3015&eT=0&widgetWidth=863&widgetHeight=283&widgetX=537&widgetY=13395&wRV=201010&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=568&odbreq=2944&odbres=4151&mvreq=2944&mvres=4151&re=4171&cet=4g&cs=5&to=1672478486811&umv=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 31 Dec 2022 09:21:31 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: ef0d471ee83ce6d59b4478d40679dd81
Content-Length: 4
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 4 B
332 B 340ms
87ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=beee64f2804cda89837e91ad9be3bb25_1769_1672478490783&tm=3016&eT=0&widgetWidth=863&widgetHeight=283&widgetX=537&widgetY=13702&wRV=201010&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=568&odbreq=2944&odbres=4151&mvreq=2944&mvres=4151&re=4172&cet=4g&cs=5&to=1672478486811&umv=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 31 Dec 2022 09:21:31 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: 4077e6ff1cadf188a703ae1f239a0535
Content-Length: 4
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 52 KB
16 KB 313ms
312ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&idx=4&rand=20657&key=NANOWDGT01&widgetJSId=AR_25&va=true&et=true&format=html&t=YzM1ZGI1YzMwMDZlYmQwYzRjMDdiMWRjNDZmNDFhMTM=&adblck=false&abwl=false&px=0&py=2452&vpd=1252&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&umv=1&em=1&settings=true&recs=true&version=201010&sig=gBsVzksV&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 111a5a26493c3e77fef6bcc28125113723ebb5e0bcbceae7a1bf4eb16fb5b4eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sat, 31 Dec 2022 09:21:31 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, VIE, Europe1
x-timer: S1672478491.996768,VS0,VE297
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21950-LGA, cache-vie6379-VIE
x-traceid: ac63584a52ae50ed42c74ff3a297fe2e
accept-ranges: bytes
content-length: 16665
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 12 KB
12 KB 9ms
9ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:30 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "65df986ae65cffdf92a926e7c42a25a8:1662969047.139727"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 12268
expires: Mon, 30 Jan 2023 09:21:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 83EF 0
20 B 55ms
54ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BushdGf-vY5_NCLfC7_UPg52NsAUAAAAAOAHgBAI&bg=!_P-l_7vNAAYgquz3AKo7ACkAdvg8WivTcnOFSzbfGpUVA6EBXmQzSfRrvw3IDxmMtL0dzMkJw_2aDQIAAAKLUgAAAAJoAQeZAye8IvHEO9lpGX-ijL_Wvq776oAZecNX2iMCEvkRX5B7sUcyM-ItRmCUWD3XZjxbP4QkWPaSITyslsNjc-uvwTscfmguGcPG63-i-bCuFj9lwubkNiPnuXzGWIGco4J6ec0Vbl9se6vtive90aDxaLmvL5bSD8G0E6Njqkj23OGAT4if_L4qai5zYznW045OJCxeChPSsTeF920ZW9ytDfLBXZbpj60Nj7yXvbZ9r9FZGtcmzfdF9_xZ680fWPo3qAmfzv9s4MpM7ScmPC0oTfuQrPtdzaH6H0LQl9c1m514k7EuVIsA9sxXyHtRITi7zSVP3jh_C1Khfe_3Hvc55mBa_704ywcVqR0o5ta2PSof6OGscvXXUoJp-73jsoXLDZIcUmVvLtvkoimRPXbLIzIJOouwhkYUThsIT59EBOV-LDTHrXSEf9t8urmqp8i4jNyJyJLL_3EOv7BfAkAKTdnhiTTEqJJKCjAowIJCV6ujcW3fCSDG9xet_pTnd9hUp2nWEmvXIRwZ3m65Wm2oCuciO1X2Krssl7YVmIZ1bVwaNhPXSu8ocVscFihovhgm1ni2sDcqpLAOAY3VVqGdVlkHRKFxILDzOrMOiXSO9dp7DFV6p5CTQ-yX__84R5bkv6Xx6JuLQpbP1PYjmwQGfj9XZMzvyfN8sZA99qiyHHQCfFJ9Q8obzwzH0FKMBh8hhwrizb6LNflqj8R99StA5FB4savNdtl6L-Znh8j7RRS0tNH16fxYXfMbHVPraqeEVCQhqKPCdjfnvYYW2jcBfc-hGp78NSvhlbNQYERlzQzMohtHgYO5BjsJg0wcUjkLIi97o_xxRM_uyZriseeQxCcwiIDOAIGn2zugUeyAD_rdtMHISuUCrjmJZCQrDjTbvCgDAHQOxP5GNh0Vjt-orFGIA5XrnRlW-6N02FDdrmwE_VbfUKy6_h7FMPsiRZDuJKU7CN1HmtaehhLvJVmJoJu7cPAmWzVlCf8rIY8sAt83gwtWWDbVL9IWdrnj-A_8y1VdquEu0Q3zFllnovzLmuh4MHBQig2g9wQcM2g2eceEsyfS4zBZVaw

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2F1A 43 B
215 B 163ms
162ms Image
image/gif 2600:1f13:800:7781:4e87:2a9d:c066:aa6b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=db0458b7-4be3-4dc2-9a1b-090ece622c21&tv=%7Bc:ymEGdT,pingTime:-10,time:752,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1672478491109%7C%7Cfd84642dd997e69297e534477880b070%7C%7Cff2a6b6b0b4b5b2c43e945104008d359%7C%7C722663ff12f8fa18d16dec59d49a8424%7C%7Cc96e71212cccb9fa3135a3091976ba05%7C%7Cdb64fd926a66118919a7d450204768b2%7C%7C8d9d8734777c12c3be84cbbf3c16e991%7C%7C62810860c6e07765c12c7089553e1b25%7C%7C1663701684,im:%7Bpci:%7Btdr:383%7D%7D%7D
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:4e87:2a9d:c066:aa6b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7764 43 B
215 B 161ms
160ms Image
image/gif 2600:1f13:800:7781:4e87:2a9d:c066:aa6b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ce28b9cf-602a-859f-7d24-b3896159f8f4&tv=%7Bc:ymEGeV,time:727,type:e,im:%7Bpci:%7Btdr:285%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:727,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B718~0%5D,as:%5B718~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:575,fm:trAhiNT+111%7C112%7C12%7C13%7C14%7C151%7C152%7C153%7C1541%7C161%7C162%7C17%7C18%7C19%7C1a%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2%7C1d.990511-61634100%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.990511-61634100%7C1e1%7C1e2%7C1e3%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:25,sis:390%7D&br=c
Requested by: Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:4e87:2a9d:c066:aa6b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98BF 0
20 B 57ms
57ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcJT7Gf-vY8jELt2w3gPykpkIAAAAADgB4AQC&bg=!4uGl4aXNAAYgquz3AKo7ACkAdvg8WgYl8PLq3y5cxClMVMJiyLJ9_0l6H1DS5fGWr__EgWr5sDxq6gIAAAFQUgAAAAJoAQcKAFfs-wUs4t-oBemgWFuZmW44zlgmgnTg2a-iHrw6eAJs6lAJaFQ4Uxs_eGFj8jqkp5AY3S60An7xIrgvM5vIvNEE7u6IpHshNEQp_oRLxEoAaD0YpClSdkOZAxnEtfYUpP_MhXbfRbmVbOzJGdzJRLYPEgVYCgn5RuCEcuee3V0PxqnWIq-ELRa7bOkMG8KKH3Wr56sQ2HUFxK9wxUJ9q3QorU91r1wFLJOWvRVrjOh6wtTsDdwS4dC8nhlQPkpmHdwPWGLd8P9BYe40JLIPBPkXtlmBtqRwDyrCR5n98KW7F2arpyijVUm0QZbuZ51zKnrdpgQG_3W2DBIXxCSBs6Pq623KNg35uUDlb-bNCD7MmtREcZhjDJOcbsLw3TXQ3LM8MxNYqVleUIKC6z8LiFw9ZLCtsv1RhXlH4hy_wl141vzttllY2b5vOWEsrlfFZ0WKK1O9q4QsvYQ4vd18-PEwxNMxX_8SMNhEAA71xcUKtrNuFn9Qae-U6FIFYwtxowhPDELgV3wRh_73WIjrqsdSjQZ4eTF2CWU9uj_2hKGlHf0pW8zZU8MjBlkXymOJ-s-R0EAkZJYhQZy5MoSb51tb2tI4ec7QeY8T2awZe3zgQsgJyGFog33UH0mgG1bHPoAu1Fv9KSGSAAbC03z4N_qyI4i3nUpEob558WsbfPQ9WCNVqVwOuyIOG7rTytHrivG7Wx5e8B6aFz91qJGKHBzaXG6Q6OPv04mrPucPfxM9bxr6YWND20PVvTwfnO1K_GU4vbJBx2Lyl44AKjD85jB3m2VAqtvrjyaWyNXubcQ68DPl7zPb4XH4tIHHrvFsKjnDUVRTGagWKcm4Ap7s41mHtUwbSkSuNSbA7oPOsSyuYOdgOoFZ2jLzYENQpHdhURr78YFSfWhczp7euZ9yEsgDg0pi15JqptLlAFo5swb9B_QpueXL7dF1X3j7mtJDUKOFYGLYgnlhEJcP5sk2QZRKRYxHIKpmCDX1nXiq5cjX5VAw4xJMNScCf9PG2KdMtmOnd05z4pOJdEXsV3-cSvcQMPbgMW06NX-ytf2828b0yYk-I9WzfGLw6px2D3pXD052rxydTvIcXMhS_bdRwLDgEw6yiSaZ8ILvY-_CBLn_tKAjgSDu7BA603c3Q-ktTVqKF3N7SsL9F0LDU8vLUxjlsR5v

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B5D 0
20 B 56ms
56ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-_XBGf-vY4HXLqa99u8PgOunsA0AAAAAOAHgBAI&bg=!9_Sl9LDNAAYgquz3AKo7ACkAdvg8WstT1Ljv_CR8HYGNmDBRGN8LemmNXQufryAgsDPXgkLYJui-jQIAAAE9UgAAAAJoAQeZAyhQo_xij_lkPxd0VhS903kEUsCPSTh0dAPz7U4RypMB0uyJjfNFyq5jno6gkiXnDIVq1Ko6vflG8dr5t5Ve3ID7ySvKa90j-mnk1MgUfQS2tEcAa7doVvzT16-ETU5vhPbyHsvBiUlWuJwBgCZNEAXWiYj4BwknuBs2UKPXzGn2zs5EeLbm_UK60bh4xlrFe2PRG_F5jLZR9hh4y7eFBN7ZUPS_3E_n_n_RWAspz_5ynvnuPuLTzCH3hmZi2I3SexXGWXJDjIMwgV6u7CUbbPZnaAoONI57zhs1D32NA6-vwxAYdYsx6pJDUepMVo0n9lYnjpji_mG1EombiAIQh82FZpEs-nyShquok3ehKGQUKcmGLK5lkmtdsH5c-cddlOf9mm1X2kJHe8KksU6y9J8bwKFumZcLQq4Y0sxcjt2wiDvU4NMnbVowo8HT5xJzQoUVVsKhsKCCcpdtDn66ahJWbtN65miZrw5eZbE6g7qks_H2yMUdGTFT8QL9AI8OSBIbiXNqNZ_6f3uSc_zV1RKHkGkhyMi79AHLHndNPbEYl494bEl8eRCd4GaihqQeQBPFX14SkF-yHcktiFy67bZogHfzEWDYf7OaDpHjVo7-xSu9vXjzqLX7TxS4mP-49MODM1GtKwi2PU2aJc5sbIRelxJRyURxDGJHxI-ztCHHq9yOAk9G_5BY4ca4aMQ0VpaZD7QnJY73ErHF8Bc7FkwCfSFt_rBkiSj9mSnqMusIBS2FcNrzs3ZeDDDA7BM8sZlM8OwPyXj4nKE9w5YI8GgfxjSUflzSyze13dM5gKr_o7m3oRQb3SQH3cGSIlk4zTIZVIK0h-HgJuXX7JLoCHT43yCLTcLQ3oukXK_5U4_bTOLVqqxN8h-96Yv0p7ECCSsPt3JbMdyO3Jed8DC13c9h6MhNs-gX8AiSafAwnVqxsvGu4V1Xs2Ol2KXIDsLlccYJ8vHoHVZzLNi2xeWeZjX8WmV9Yy-_AkTo0R6R2Pba1gp4u8WGafuhTc9i3q2IxrMfFXob8BxRMWBf9jmvDtQC2J-x8083Ac0iJ1sbCtQoes5NR4Hp38Cq

Requested by

Host: f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com
URL: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E944 0
20 B 59ms
59ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.549.0&bgai=BwDy8Gf-vY_ToFO3mzAa5saTYCwAAAAA4AeAEAg&bg=!dHeldzPNAAYgquz3AKo7ACkAdvg8Wi1jux8pEeqgioPX6pBR-DK9hkeT3JTqGxQE9NcIPZ6hzETflAIAAAEzUgAAAAJoAQeZAxfBWzLBDX0TaGWFGYbWeRbZ3oWHfWRBdGyebCk_Dte5Gk5PtLW4lmuStMlYsy0u72ST7sFJ_l6k-EL3gAXOs6cdYkg1U1jU-7Dwm4Vnt7a9Mg3SvuhLWTdZ7Mwqw0QaG0YOzCwOs_micvxcIYEf-Ruqyhd26X3wh_fqgklrPaY9tGmav50kKBuxWU78fhX7_qIxQaewM_AM8jsEX1JabYsy7smg4IhWi77F8Pt3EWXP_O1IwK92S-6COZDT1W3VnjrzhPZrtegLOQBQYv82UlsGDXFiZq8bYKtG3fsw17NxI30QizOP-CNdMYddxlBnSeF66vYOBFRtoz1UdFN8fHJ9mMAMqXa55O1eCG3zzmejDcgrv3DG6PafSZUbfr6f68INxbZGtkqqw8hTb2M8FuJ11b1WCmfujkKB_eoSKABqtxMgIVyo6BpTHJWL3kGB84mOmfZsocBzma1l5S-buQ4QvwgbeHl0GSRBHYluDtaACEu8IdFP7eeuZqu7LeN_FRAHL5l48T_VKET7kpGoP3R2FzwoSlwJX26Aeu_WvlHiVUaJKnAZ19DtYtQM3kxckWA5siL0SJDjzcLTKGvcKEksQs9IieTY9NGowhdA19lUNvpXg28Eqrke8U_lUeAeEZTidHDv3N13NPTVU6p67p_VJtq-Cu2VO5yPyrO2aAPq9fMdfk5RYlUzV1vValgVUZNZo9ukq_o1Qo2-pzOr21eNWBO7TcqeQAox72rh_NxFtjcK4cx_8I7LzvUqggpo6-m1C0InTfAvaose0TeW3eNZUQV7M_vHf_7NlTFprwZCPJ0H9aLqL-k-eE6WiDQNfSX7kRGYUfkFGM8hizi4_YyQBk9ywRUXVULoZVms9ygX2nbb15CVSrUnDANxKC26oW7xU7_VVWbj3k9DCwQ3d-dACtd12LBshn-D77ldT0nuYzHGnEa3ED6rlncNH41QLM6rGGU0TcS3REj7pMl4qL8gQa0EaOZAkFSmlFfdzrdv_TTWssEGCaPJNdZI6bc3WOUcu1IJl2NU1adxvc1_OpaCHtBLd-Z2tw

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 86 KB
21 KB 839ms
839ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2F&settings=true&recs=true&widgetJSId=AR_25&key=NANOWDGT01&version=201010&apv=true&sig=gBsVzksV&format=html&rand=18850&em=1&osLang=en-US&umv=1&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=YzM1ZGI1YzMwMDZlYmQwYzRjMDdiMWRjNDZmNDFhMTM=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=4&lastIdx=4005&lastCardIdx=0&fAB=no_abtest&dpr=1&cw=1600&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/201010/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4b389a248f55c640dc18c90e0a04e0df3bc16a6865a17a23714aa3346d0ad87b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sat, 31 Dec 2022 09:21:32 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, VIE, Europe1
x-timer: S1672478491.330240,VS0,VE810
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21960-LGA, cache-vie6379-VIE
x-traceid: c8dfcc26250eda950e71265597a680be
accept-ranges: bytes
content-length: 21702
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 48C0 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssluqyAdZ-mMInSJArpIAJs6lPYJrIFlHwR91ZwfKMrvkAy1_ARtXqFUmhHI_CGuWuXctqJ6uEMtTEvIFzwJoQbakr68bGQaKdzfQZ_4yUJoldKKd6GAtEQsWqynWyrpTpeG0VVzQ&sai=AMfl-YSeuJkcrakaI967Gggdzdm3UQrbIYAs94fSDffH1ZD6voLT9JxAgSdv6o0491Pw1UKTd0E8p8RZEre6fD7pK8NK7o1gmSd3TIbX7T1VCmvNfe0cLGya0EyL3SAfMn4&sig=Cg0ArKJSzG4lFXUdOkBPEAE&cid=CAQSPADq26N9q_MG4HbXAKHa33U84Vy569wJQ_AyPVB7joS1PlDZ0qEYqruK4ruAhJ52ves3sYgeghxyO-4IghgBIBM&id=lidar2&mcvt=1003&p=291,1439,891,1599&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2273020712&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672478489524&rpt=797&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7764 43 B
215 B 162ms
161ms Image
image/gif 2600:1f13:800:7781:4e87:2a9d:c066:aa6b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ce28b9cf-602a-859f-7d24-b3896159f8f4&tv=%7Bc:ymEGiZ,pingTime:-10,time:979,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1672478491109%7C%7Cfd84642dd997e69297e534477880b070%7C%7Cff2a6b6b0b4b5b2c43e945104008d359%7C%7C722663ff12f8fa18d16dec59d49a8424%7C%7Cc96e71212cccb9fa3135a3091976ba05%7C%7Cdb64fd926a66118919a7d450204768b2%7C%7C8d9d8734777c12c3be84cbbf3c16e991%7C%7C62810860c6e07765c12c7089553e1b25%7C%7C1663701684,sca:%7Bspg:db0458b7-4be3-4dc2-9a1b-090ece622c21%7D%7D
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:4e87:2a9d:c066:aa6b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f70eccd1cf13500a2279e6e43ea38eea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 15ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 01 Jan 2023 09:21:31 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 33ms
33ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 01 Jan 2023 09:21:31 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=TU7JYnxIV0kzRHI4ZVlpdWlOVlFnL3c4bXRtaldzTmd3TG12UUc0ZkpsS2lsWnhHVTkzcGRaTWY4SUthajcxQ1piUGswQkV0VTZXbGZPSGJwWVU3UlpDb2ZTdXZBTkpEL0ozMjA3ck40T05IZHM0N1dURVVKTFl2T2IxY1...

362 B
649 B

44ms
16ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=TU7JYnxIV0kzRHI4ZVlpdWlOVlFnL3c4bXRtaldzTmd3TG12UUc0ZkpsS2lsWnhHVTkzcGRaTWY4SUthajcxQ1piUGswQkV0VTZXbGZPSGJwWVU3UlpDb2ZTdXZBTkpEL0ozMjA3ck40T05IZHM0N1dURVVKTFl2T2IxY1dHbWVWOEhDK1oyb0d3OVpoaDRySkFsNGNHTC8yc2dzMnpmbXQ2TFRTL1BoVWc2UzJpYmFiMDVIUmRIOVlSaEVaK2NxRU9iNmc2UnQ3VFNmWDJSeXRUajdsbWlZdTh0WmxIWStYQ0ZPMFRMSmVpaUpmQ0xqWlNycW8zQTR0MWQzek1pQ2YzaklQfA&cppv=2

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ee3b7929e6aaf8654a3f2a1a69d275406a3c490c83e4a0dd1c86a008e99e0c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1051791
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=TU7JYnxIV0kzRHI4ZVlpdWlOVlFnL3c4bXRtaldzTmd3TG12UUc0ZkpsS2lsWnhHVTkzcGRaTWY4SUthajcxQ1piUGswQkV0VTZXbGZPSGJwWVU3UlpDb2ZTdXZBTkpEL0ozMjA3ck40T05IZHM0N1dURVVKTFl2T2IxY1dHbWVWOEhDK1oyb0d3OVpoaDRySkFsNGNHTC8yc2dzMnpmbXQ2TFRTL1BoVWc2UzJpYmFiMDVIUmRIOVlSaEVaK2NxRU9iNmc2UnQ3VFNmWDJSeXRUajdsbWlZdTh0WmxIWStYQ0ZPMFRMSmVpaUpmQ0xqWlNycW8zQTR0MWQzek1pQ2YzaklQfA&cppv=2
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 606921
content-length: 0
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 56ms
21ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 31 Dec 2022 09:21:31 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 4865724
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 96EE 0
0 9ms
8ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1672478488691

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4B7C 52 KB
17 KB 64ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 50265
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 31 Dec 2022 09:21:31 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 9, 260021
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220044-HHN
X-Timer: S1672478492.946319,VS0,VE0

GET
H2 200 sync Show response
eb2.3lift.com/ Frame C6FE 37 B
140 B 32ms
9ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 31 Dec 2022 09:21:31 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 39B9 52 KB
17 KB 62ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 50265
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 31 Dec 2022 09:21:31 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 9, 247645
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220037-HHN
X-Timer: S1672478492.946494,VS0,VE0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9771 16 KB
6 KB 16ms
16ms Document
text/html 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=92310
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 31 Dec 2022 09:21:31 GMT
expires: Sun, 01 Jan 2023 11:00:01 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 5EC1 6 KB
2 KB 26ms
25ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ea9ebf674af95d4e36cdd1648988a442e9a85d92d85da5fc36f17ecf86558c

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7821f20e5f1b927d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 09:21:31 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1EBB 281 B
554 B 50ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 31 Dec 2022 09:21:31 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 5730 0
35 B 26ms
17ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1672444800000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sat, 31 Dec 2022 09:21:31 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK prebid
b1h-euc1.zemanta.com/usersync/ 26 B
151 B 13ms
12ms Image
image/gif 213.227.153.221
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1h-euc1.zemanta.com/usersync/prebid
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce14.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 09:21:31 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 5EC1 48 KB
12 KB 20ms
20ms Script
application/javascript 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 3086276
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7821f20eaf92927d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1EBB 34 KB
10 KB 8ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 063cb8b3cb8d107c323f72ec97702f3a70a0d45b2f7e0cdaf5792582741cadb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 09:21:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Dec 2022 17:59:58 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=31117
Connection: keep-alive
Content-Length: 10066
Expires: Sat, 31 Dec 2022 18:00:08 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4B7C 0
853 B 15ms
15ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Dec 2022 09:21:31 GMT
AN-X-Request-Uuid: d1aaad16-91ba-4b50-8333-af914b56db41
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 39B9 0
853 B 15ms
15ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Dec 2022 09:21:31 GMT
AN-X-Request-Uuid: 66548df2-51f0-4fcb-8c51-e7e5b6c09ab6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame ABFA 0
582 B 29ms
28ms Document
text/html 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7821f20ee80f927d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 09:21:32 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 0C14 0
0 10ms
9ms Document
text/plain 3.69.128.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.128.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-128-123.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Sat, 31 Dec 2022 09:21:31 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 76ms
14ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 31 Dec 2022 09:21:31 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 539826
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204
No Content smw888.gif
us.ck-ie.com/ Frame 95D5 0
0 88ms
88ms Document
text/plain 8.2.110.114
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Sat, 31 Dec 2022 09:21:32 GMT
Server: nginx

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 1EBB 70 B
264 B 40ms
37ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 31 Dec 2022 09:21:32 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1EBB
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/NeOwYSYJ63TU6i_eD6dSb8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zKsdvIlE2oIXVtaIjJrfMKoLxmWYlnb.dtMNPg--~A

0
239 B

10ms
10ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zKsdvIlE2oIXVtaIjJrfMKoLxmWYlnb.dtMNPg--~A
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 31 Dec 2022 09:21:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zKsdvIlE2oIXVtaIjJrfMKoLxmWYlnb.dtMNPg--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EBB
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmJlY2VmNDNmMjMzZTE1ZDk1MzVmNzdlNTRhMGNmYmUxMzA1MmUzYQ

170 B
188 B

44ms
43ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmJlY2VmNDNmMjMzZTE1ZDk1MzVmNzdlNTRhMGNmYmUxMzA1MmUzYQ

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmJlY2VmNDNmMjMzZTE1ZDk1MzVmNzdlNTRhMGNmYmUxMzA1MmUzYQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1EBB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOJ9L8JsbCmjZ2-6gr0ZXtk&google_cver=1

0
239 B

14ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOJ9L8JsbCmjZ2-6gr0ZXtk&google_cver=1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOJ9L8JsbCmjZ2-6gr0ZXtk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 1EBB
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCBQICXD-1X-6CV4

0
706 B

239ms
114ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCBQICXD-1X-6CV4
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:31 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4F97E6C685544F1BB621802DCA8EE889 Ref B: FRAEDGE1305 Ref C: 2022-12-31T09:21:32Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXxHD5tiD3H+DC4PWiLZA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCBQICXD-1X-6CV4
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1EBB
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=47w7TWqFScuVwfVNvrrtsw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=47w7TWqFScuVwfVNvrrtsw

43 B
479 B

36ms
35ms

Image
image/gif

54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=47w7TWqFScuVwfVNvrrtsw

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

HTTP/1.1

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Dec 2022 09:21:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0Z9YXB8NS2MGQ84775AH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=47w7TWqFScuVwfVNvrrtsw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EBB
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENCUUlDWEQtMVgtNkNWNA==

170 B
188 B

44ms
44ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENCUUlDWEQtMVgtNkNWNA==

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENCUUlDWEQtMVgtNkNWNA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1EBB
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=sWzf5dGLSaG00dsWApRibQ&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sWzf5dGLSaG00dsWApRibQ

43 B
479 B

96ms
95ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sWzf5dGLSaG00dsWApRibQ

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Dec 2022 09:21:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J50V0JHPNXYBQ4HBM0KJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sWzf5dGLSaG00dsWApRibQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame 56AC
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=24d5d2111c0b9b698ba36841a7691e64

43 B
1 KB

15ms
14ms

Document
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=24d5d2111c0b9b698ba36841a7691e64

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid: d33831d5-72cf-420c-8463-1f20e1d16cce
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 31 Dec 2022 09:21:32 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7821f20f9923927d-FRA
content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 09:21:32 GMT
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=24d5d2111c0b9b698ba36841a7691e64
server: cloudflare

GET
H3 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 789B 1 KB
834 B 44ms
33ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7821f20ffa51696a-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 09:21:32 GMT
server: cloudflare

GET
H/1.1

200
OK

getuid Show response
sync.smartadserver.com/ Frame 8DD6
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

0
75 B

21ms
21ms

Document
text/plain

185.86.139.89
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 31 Dec 2022 09:21:31 GMT

Redirect headers

cache-control: no-cache,no-store
content-length: 0
date: Sat, 31 Dec 2022 09:21:31 GMT
location: https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

GET
H3 204 1
sync-eu.connectad.io/syncer/ Frame 4FE5 0
0 30ms
29ms Document
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7821f2104aba696a-FRA
date: Sat, 31 Dec 2022 09:21:32 GMT
server: cloudflare

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 67ms
66ms XHR
application/json 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7367256f0fcd51d6419727a40c1701666e9037629a3fdbc15d6f63e3b74ae809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11089
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F762 15 KB
6 KB 20ms
19ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:32 GMT
server: Kestrel
server-processing-duration-in-ticks: 962843
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 73FD 0
0 9ms
9ms Document
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52

GET
H2

200

sid Show response
mug.criteo.com/ Frame F762
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=3&topUrl=www.walla.co.il&bundle=ek2RK19nOTF1MTkwWDBUMkp4SkFFODdKJTJGejVJb0JGNmxZVWFlTVpEVkFDMVN2UGl0QUpy...
https://mug.criteo.com/sid?cpp=l8X5THxTckdJZG9tcXJXMDR2dHlJb1BPRlpIQ0x4NWc2WTVhMUlKMnMwZGJVOURCVVZmcHhXL3daTHJGWjU0dG9WUmNmVFYrSDlpTUdaUFBUNGJIN2U0eHNYNXhXNjlQWUZWdFlDL2ozZm5xUlhwNmpFTk16T2pLdEtzST...

417 B
650 B

15ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=l8X5THxTckdJZG9tcXJXMDR2dHlJb1BPRlpIQ0x4NWc2WTVhMUlKMnMwZGJVOURCVVZmcHhXL3daTHJGWjU0dG9WUmNmVFYrSDlpTUdaUFBUNGJIN2U0eHNYNXhXNjlQWUZWdFlDL2ozZm5xUlhwNmpFTk16T2pLdEtzSTduWDczbTRrNEQ3Zm9ndUhBcHIvb2hpRWc0OGx3YndjMFdaTGI5QXpnMTJSaVhvem1hUHJkZ25yVUxTT3JNR1JwdjRKcXE1ZlZzc016RStDUUw2K2Nad3pjakd0Y3BGaEVzY2hEYkFSVDFsZmFiVmcyOXlHZnFPUGxjOCtBVEo0ZzREWTZqdExsR0t6WWJoZGdGYTNWc2hOQm4wUHhEQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

866b1150eef0c08d3399733c57e422d3ad1b4ac183f37a0a89158f2012f04943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1401582
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 31 Dec 2022 09:21:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=l8X5THxTckdJZG9tcXJXMDR2dHlJb1BPRlpIQ0x4NWc2WTVhMUlKMnMwZGJVOURCVVZmcHhXL3daTHJGWjU0dG9WUmNmVFYrSDlpTUdaUFBUNGJIN2U0eHNYNXhXNjlQWUZWdFlDL2ozZm5xUlhwNmpFTk16T2pLdEtzSTduWDczbTRrNEQ3Zm9ndUhBcHIvb2hpRWc0OGx3YndjMFdaTGI5QXpnMTJSaVhvem1hUHJkZ25yVUxTT3JNR1JwdjRKcXE1ZlZzc016RStDUUw2K2Nad3pjakd0Y3BGaEVzY2hEYkFSVDFsZmFiVmcyOXlHZnFPUGxjOCtBVEo0ZzREWTZqdExsR0t6WWJoZGdGYTNWc2hOQm4wUHhEQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 799011
content-length: 0
expires: 0

GET
H2

200

Y6--GX4k0RL85DpHIYUDBgAA%263192 Show response
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame C7DA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y6--GX4k0RL85DpHIYUDBgAA%263192

0
606 B

25ms
25ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y6--GX4k0RL85DpHIYUDBgAA%263192
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7821f2110b97927d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 09:21:32 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7821f210dae52bf1-FRA
content-length: 0
date: Sat, 31 Dec 2022 09:21:32 GMT
expires: 0
location: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y6--GX4k0RL85DpHIYUDBgAA%263192
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDsmtMcruOA4%2F%2BdHCJ5xf1RcQaw6LGR6juTJFnlOr9PvsLMM7vmHyrWaTE9h1AAwZvg4g1Tc4boFtpPOzBeWxWyZcNhCTBL4BjdJ3lYAF5UYruCx%2BWM%2FGR%2BxT7lKh3uDiq65ShjVZkcDYw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 31 Dec 2022 09:21:32 GMT

GET
H2

200

83e34231-88ec-11ed-967f-1ee5b9e10106 Show response
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 3D86
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=83e34276-88ec-11ed-967f-1ee5b9e10106
https://csync.smilewanted.com/set_partner_userid_get/spotx/83e34231-88ec-11ed-967f-1ee5b9e10106

0
849 B

29ms
29ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/spotx/83e34231-88ec-11ed-967f-1ee5b9e10106
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7821f2122d56927d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 09:21:32 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Sat, 31 Dec 2022 09:21:32 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/spotx/83e34231-88ec-11ed-967f-1ee5b9e10106
Server: nginx
X-fe: 62

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8F6B 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 554
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:12:18 GMT
expires: Sun, 31 Dec 2023 09:12:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4BB3 783 B
534 B 44ms
43ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

170b00e289d3fb04069b7069d2e6701d852d72f64bdc53a918b19bb998e520df

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Gxu00dn5pKiyQnuav8jtlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Gxu00dn5pKiyQnuav8jtlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 09:21:32 GMT
expires: Sat, 31 Dec 2022 09:21:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 88BA
Redirect Chain

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

0
80 B

26ms
26ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7821f213f858927d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 09:21:32 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 92
Content-Type: text/html; charset=utf-8
Date: Sat, 31 Dec 2022 09:21:32 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma: no-cache

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F6B 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 20:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 20:49:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4BB3 0
0 52ms
51ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120701&jk=3720060284199408&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2

200

7655e3f8-dad5-4f2a-8a26-a4c3fac78a7b Show response
csync.smilewanted.com/set_partner_userid_get/loopme/ Frame E7FE
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/loopme/7655e3f8-dad5-4f2a-8a26-a4c3fac78a7b?gdpr_consent=null&gdpr=0

0
649 B

30ms
29ms

Document
text/html

104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/loopme/7655e3f8-dad5-4f2a-8a26-a4c3fac78a7b?gdpr_consent=null&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7821f2124d95927d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 09:21:32 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 0
date: Sat, 31 Dec 2022 09:21:32 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/loopme/7655e3f8-dad5-4f2a-8a26-a4c3fac78a7b?gdpr_consent=null&gdpr=0
server: _

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8F6B 0
12 B 8ms
7ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oIU2nQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 8E2A 0
260 B 117ms
13ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 09:21:32 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 unip Show response
trc-events.taboola.com/1245572/log/3/ 0
246 B 18ms
17ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1245572/log/3/unip?en=pre_d_eng_tb&tos=4632&scd=9&ssd=1&est=1672478488269&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1672478492902&vi=1672478488266&ri=92aeb478625cca712a4fbb72060db785&ref=null&cv=20221227-23-RELEASE&item-url=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://www.walla.co.il
pragma: no-cache
date: Sat, 31 Dec 2022 09:21:32 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4B7C 0
853 B 16ms
16ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 31 Dec 2022 09:21:32 GMT
AN-X-Request-Uuid: 3d23109e-a40c-44e4-a225-c6024c46d549
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.35; 81.95.5.35; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 39B9 0
853 B 15ms
15ms Script
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS