urlscan.io logo urlscan.io
SecurityTrails logo

www.walla.co.il Open in urlscan Pro
13.224.189.75  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.walla.co.il/
Submission: On August 02 via manual from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 120 IPs in 14 countries across 91 domains to perform 583 HTTP transactions. The main IP is 13.224.189.75, located in United States and belongs to AMAZON-02, US. The main domain is www.walla.co.il. The Cisco Umbrella rank of the primary domain is 151608.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 27th 2023. Valid for: a year.
This is the only time www.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
39 13.224.189.75 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
1 205.185.216.42 20446 (STACKPATH...)
43 151.101.129.44 54113 (FASTLY)
2 2606:2800:234... 15133 (EDGECAST)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 13.227.219.86 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
12 34.160.198.118 396982 (GOOGLE-CL...)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 52.21.223.114 14618 (AMAZON-AES)
1 104.19.150.54 13335 (CLOUDFLAR...)
1 2600:9000:205... 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 18 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
19 52.71.47.12 14618 (AMAZON-AES)
2 142.250.186.130 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 51.77.64.70 16276 (OVH)
1 13.227.219.97 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.72 13414 (TWITTER)
1 10 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 65.9.66.68 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 104.18.24.112 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
1 34.120.218.58 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 2a02:6b8::90 208722 (GLOBAL_DC)
1 185.64.189.112 62713 (AS-PUBMATIC)
5 2602:803:c003... 26667 (RUBICONPR...)
1 35.227.252.103 15169 (GOOGLE)
3 9 185.89.211.84 29990 (ASN-APPNEX)
3 7 51.89.9.251 16276 (OVH)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
5 34.149.20.76 396982 (GOOGLE-CL...)
1 104.18.24.185 13335 (CLOUDFLAR...)
8 5.135.209.97 16276 (OVH)
2 3 185.184.8.90 204995 (RTB-HOUSE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.195.32.10 16509 (AMAZON-02)
1 17 104.22.69.131 13335 (CLOUDFLAR...)
5 9 216.52.2.86 32475 (SINGLEHOP...)
1 185.255.84.151 200271 (IGUANE-)
4 2a00:1450:400... 15169 (GOOGLE)
2 8 2a02:2638:d::d 44788 (ASN-CRITE...)
3 54.74.76.239 16509 (AMAZON-02)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
2 35.190.39.111 15169 (GOOGLE)
1 162.19.138.119 16276 (OVH)
1 52.49.50.175 16509 (AMAZON-02)
2 178.250.7.13 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
56 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
1 1 18.66.97.111 16509 (AMAZON-02)
3 99.86.4.49 16509 (AMAZON-02)
49 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
23 2a00:1450:400... 15169 (GOOGLE)
4 35.244.159.8 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 23.213.164.238 16625 (AKAMAI-AS)
2 4 138.201.8.249 24940 (HETZNER-AS)
5 2607:f8b0:400... 15169 (GOOGLE)
1 74.125.206.157 15169 (GOOGLE)
9 9 46.228.174.117 56396 (AMOBEE)
3 4 2001:678:cb4:... 56396 (AMOBEE)
2 2 188.42.191.196 7979 (SERVERS-COM)
4 8.2.110.114 46636 (NATCOWEB)
5 7 37.157.6.233 198622 (ADFORM)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2.16.202.99 20940 (AKAMAI-ASN1)
7 141.226.228.48 200478 (TABOOLA-AS)
2 3.68.130.198 16509 (AMAZON-02)
7 142.250.186.66 15169 (GOOGLE)
8 142.250.185.226 15169 (GOOGLE)
7 52.223.40.198 16509 (AMAZON-02)
2 6 2a05:d018:d29... 16509 (AMAZON-02)
2 5 18.196.113.49 16509 (AMAZON-02)
18 40 142.250.186.98 15169 (GOOGLE)
5 14 185.80.39.216 27381 (CASALE-MEDIA)
2 104.102.35.84 16625 (AKAMAI-AS)
1 2 35.204.158.49 396982 (GOOGLE-CL...)
1 34.96.105.8 396982 (GOOGLE-CL...)
5 7 185.64.190.78 62713 (AS-PUBMATIC)
1 52.58.63.153 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 185.29.132.241 30419 (MEDIAMATH...)
1 2 151.101.130.49 54113 (FASTLY)
2 185.86.138.151 201081 (SMARTADSE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::300 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
1 13.248.245.213 16509 (AMAZON-02)
1 151.101.193.108 54113 (FASTLY)
2 104.18.11.47 13335 (CLOUDFLAR...)
2 95.101.149.233 16625 (AKAMAI-AS)
1 67.202.105.24 32748 (STEADFAST)
2 2 213.155.156.166 1299 (TWELVE99 ...)
6 198.47.127.205 62713 (AS-PUBMATIC)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 1 178.250.1.9 44788 (ASN-CRITE...)
6 185.64.191.210 62713 (AS-PUBMATIC)
3 5 52.94.222.140 16509 (AMAZON-02)
2 2 2620:116:800d... 16509 (AMAZON-02)
1 2 63.34.78.10 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 54.172.28.235 14618 (AMAZON-AES)
3 5 209.54.182.161 16509 (AMAZON-02)
2 2 3.124.112.76 16509 (AMAZON-02)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
3 3 69.173.144.138 26667 (RUBICONPR...)
3 6 69.173.144.139 26667 (RUBICONPR...)
1 198.47.127.20 62713 (AS-PUBMATIC)
1 1 85.114.159.118 ()
1 1 54.224.144.126 ()
5 5 52.212.242.190 ()
1 1 208.93.169.131 ()
1 1 185.86.138.155 ()
1 3 2606:4700:10:... ()
1 2 77.243.51.121 ()
4 4 146.59.148.16 ()
2 2 18.198.69.109 ()
1 3.71.149.231 ()
2 2 3.122.126.194 ()
583 120
39    13.224.189.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-75.fra2.r.cloudfront.net
www.walla.co.il
13    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
www.googletagservices.com
1    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
43    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
6    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    13.227.219.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-86.ams54.r.cloudfront.net
tags.dxmdp.com
2    2600:9000:2057:1a00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
12    34.160.198.118 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.198.160.34.bc.googleusercontent.com
images.wcdn.co.il
2    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
web-sdk.smartlook.com
1    52.21.223.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-223-114.compute-1.amazonaws.com
ping.chartbeat.net
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2600:9000:2057:aa00:4:1c73:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2r08ja41ypc0t.cloudfront.net
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
3    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
18    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:4001:827::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
19    52.71.47.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-47-12.compute-1.amazonaws.com
mabping.chartbeat.net
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
12890047.adoric-om.com
static.adoric.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
1    13.227.219.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-97.ams54.r.cloudfront.net
dal.walla.co.il
1    2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
10    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2057:c000:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    104.18.24.112 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    34.120.218.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.218.120.34.bc.googleusercontent.com
app.adoric-om.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
5    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
bs.yandex.ru
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
9    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
7    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
5    34.149.20.76 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
8    5.135.209.97 (Oignies, France)

ASN16276 (OVH, FR)
PTR: ip97.ip-5-135-209.eu
prg.smartadserver.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    18.195.32.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-32-10.eu-central-1.compute.amazonaws.com
tlx.3lift.com
17    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
9    216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
4    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
8    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    54.74.76.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-76-239.eu-west-1.compute.amazonaws.com
event.dxmdp.com
4    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    52.49.50.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-50-175.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
56    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:9000:20eb:c800:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
1    18.66.97.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-111.fra56.r.cloudfront.net
cdn-uw2-prod.tsv2.amagi.tv
3    99.86.4.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-49.fra6.r.cloudfront.net
amg01742-walla-wallanews-ono-btlna.amagi.tv
49    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
23    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
pixelgroup-d.openx.net
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
3    23.213.164.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    138.201.8.249 (Ergolding, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.249.8.201.138.clients.your-server.de
sync.richaudience.com
5    2607:f8b0:4001:c61::78 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    74.125.206.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f157.1e100.net
bid.g.doubleclick.net
9    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
4    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
7    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
dmp.adform.net
c1.adform.net
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:4001:6d::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r1---sn-4g5edns6.c.2mdn.net
1    2.16.202.99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-99.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
7    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
2    3.68.130.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-130-198.eu-central-1.compute.amazonaws.com
match.sharethrough.com
7    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
8    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
ade.googlesyndication.com
7    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
6    2a05:d018:d29:3605:cb40:4a86:732c:5dc5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    18.196.113.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-113-49.eu-central-1.compute.amazonaws.com
x.bidswitch.net
40    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
14    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
2    104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com
sync.teads.tv
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
7    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    52.58.63.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-63-153.eu-central-1.compute.amazonaws.com
red.vtracy.de
2    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    67.202.105.24 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    213.155.156.166 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
6    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
6    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
5    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    63.34.78.10 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-78-10.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    54.172.28.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-28-235.compute-1.amazonaws.com
a.audrte.com
5    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    3.124.112.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-112-76.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
6    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
1    54.224.144.126 (None, )

ASN- ()
sync.srv.stackadapt.com
5    52.212.242.190 (None, )

ASN- ()
match.prod.bidr.io
1    208.93.169.131 (None, )

ASN- ()
bh.contextweb.com
1    185.86.138.155 (None, )

ASN- ()
rtb-csync.smartadserver.com
3    2606:4700:10::6816:1857 (None, )

ASN- ()
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.51.121 (None, )

ASN- ()
uipglob.semasio.net
4    146.59.148.16 (None, )

ASN- ()
pixel.onaudience.com
2    18.198.69.109 (None, )

ASN- ()
loada.exelator.com
1    3.71.149.231 (None, )

ASN- ()
ups.analytics.yahoo.com
2    3.122.126.194 (None, )

ASN- ()
ads.creative-serving.com
Apex Domain
Subdomains		 Transfer
91 googlesyndication.com
1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
ade.googlesyndication.com — Cisco Umbrella Rank: 313
516 KB
77 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
stats.g.doubleclick.net — Cisco Umbrella Rank: 114
pubads.g.doubleclick.net — Cisco Umbrella Rank: 416
bid.g.doubleclick.net — Cisco Umbrella Rank: 719
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 347
cm.g.doubleclick.net — Cisco Umbrella Rank: 239
342 KB
52 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 861
pm-widget.taboola.com — Cisco Umbrella Rank: 3031
trc.taboola.com — Cisco Umbrella Rank: 616
vidstat.taboola.com — Cisco Umbrella Rank: 2544
am-trc-events.taboola.com — Cisco Umbrella Rank: 14198
images.taboola.com — Cisco Umbrella Rank: 1756
imprammp.taboola.com — Cisco Umbrella Rank: 13588
am-match.taboola.com — Cisco Umbrella Rank: 13614
am-vid-events.taboola.com — Cisco Umbrella Rank: 12767
pips.taboola.com — Cisco Umbrella Rank: 1537
cds.taboola.com — Cisco Umbrella Rank: 1770
955 KB
51 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 311
gcdn.2mdn.net — Cisco Umbrella Rank: 1145
r1---sn-4g5edns6.c.2mdn.net
8 MB
40 walla.co.il
www.walla.co.il — Cisco Umbrella Rank: 151608
dal.walla.co.il — Cisco Umbrella Rank: 136476
1 MB
24 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 577
ads.pubmatic.com — Cisco Umbrella Rank: 553
image6.pubmatic.com — Cisco Umbrella Rank: 767
image2.pubmatic.com — Cisco Umbrella Rank: 1021
simage2.pubmatic.com — Cisco Umbrella Rank: 763
simage4.pubmatic.com — Cisco Umbrella Rank: 1276
97 KB
20 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1202
mabping.chartbeat.net — Cisco Umbrella Rank: 5712
4 KB
17 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6737
csync.smilewanted.com — Cisco Umbrella Rank: 3279
static.smilewanted.com — Cisco Umbrella Rank: 11659
32 KB
16 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 562
eus.rubiconproject.com — Cisco Umbrella Rank: 618
token.rubiconproject.com — Cisco Umbrella Rank: 613
pixel.rubiconproject.com — Cisco Umbrella Rank: 380
17 KB
15 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 645
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 624
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 477
dsum.casalemedia.com — Cisco Umbrella Rank: 1529
12 KB
12 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 704
gum.criteo.com — Cisco Umbrella Rank: 417
mug.criteo.com — Cisco Umbrella Rank: 2490
dis.criteo.com — Cisco Umbrella Rank: 623
16 KB
12 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 105093
1 MB
11 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1523
ssbsync.smartadserver.com — Cisco Umbrella Rank: 823
rtb-csync.smartadserver.com
12 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 3
adservice.google.com — Cisco Umbrella Rank: 118
2 KB
10 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1121
s.amazon-adsystem.com — Cisco Umbrella Rank: 319
7 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 245
acdn.adnxs.com — Cisco Umbrella Rank: 573
24 KB
9 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 725
9 KB
9 dxmdp.com
tags.dxmdp.com — Cisco Umbrella Rank: 39585
event.dxmdp.com — Cisco Umbrella Rank: 40121
130 KB
7 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 466
ups.analytics.yahoo.com
3 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 379
2 KB
7 adform.net
cm.adform.net — Cisco Umbrella Rank: 1274
dmp.adform.net — Cisco Umbrella Rank: 3440
c1.adform.net — Cisco Umbrella Rank: 607
3 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 762
1 KB
7 openx.net
rtb.openx.net — Cisco Umbrella Rank: 790
oajs.openx.net — Cisco Umbrella Rank: 1490
google-bidout-d.openx.net — Cisco Umbrella Rank: 1486
us-u.openx.net — Cisco Umbrella Rank: 482
pixelgroup-d.openx.net — Cisco Umbrella Rank: 80865
1 KB
7 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1338
ssc.33across.com — Cisco Umbrella Rank: 4312
ssc-cms.33across.com — Cisco Umbrella Rank: 1207
10 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 590
3 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 58
region1.google-analytics.com — Cisco Umbrella Rank: 1914
21 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
458 KB
5 bidr.io
match.prod.bidr.io
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 213
281 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 350
1 KB
5 gstatic.com
csi.gstatic.com
414 B
5 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 17001
521 B
4 onaudience.com
pixel.onaudience.com
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2823
3 KB
4 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3380
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 912
r.turn.com — Cisco Umbrella Rank: 3865
2 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2001
840 B
4 amagi.tv
cdn-uw2-prod.tsv2.amagi.tv — Cisco Umbrella Rank: 52746
amg01742-walla-wallanews-ono-btlna.amagi.tv — Cisco Umbrella Rank: 202721
5 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
249 B
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1034
bcp.crwdcntrl.net — Cisco Umbrella Rank: 869
sync.crwdcntrl.net — Cisco Umbrella Rank: 840
13 KB
4 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1658
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6557
creativecdn.com — Cisco Umbrella Rank: 514
2 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 5772
690 B
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 57677
122 B
3 zeotap.com
mwzeom.zeotap.com
spl.zeotap.com
1 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 26262
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 24044
897 B
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1371
2 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 497
ajax.googleapis.com — Cisco Umbrella Rank: 415
356 KB
3 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3393
dclk-match.dotomi.com — Cisco Umbrella Rank: 3556
pubmatic-match.dotomi.com
356 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1526
mp.4dex.io — Cisco Umbrella Rank: 2996
25 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 599
73 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170
241 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1531
mab.chartbeat.com — Cisco Umbrella Rank: 2326
29 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1001
syndication.twitter.com — Cisco Umbrella Rank: 1206
132 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 exelator.com
loada.exelator.com
2 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 980
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 802
995 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5207
562 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 682
cdn.indexww.com — Cisco Umbrella Rank: 1630
2 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 746
796 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 801
s.tribalfusion.com — Cisco Umbrella Rank: 2021
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 862
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1361
326 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 578
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1708
1 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 1627
315 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 631
eb2.3lift.com — Cisco Umbrella Rank: 403
683 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 372
3 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 837
id5-sync.com — Cisco Umbrella Rank: 423
25 KB
2 adoric-om.com
12890047.adoric-om.com — Cisco Umbrella Rank: 208649
app.adoric-om.com — Cisco Umbrella Rank: 32165
54 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 163
20 KB
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 21547
20 KB
1 contextweb.com
bh.contextweb.com
664 B
1 stackadapt.com
sync.srv.stackadapt.com
1 KB
1 adition.com
dsp.adfarm1.adition.com
524 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1833
349 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 859
795 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1028
729 B
1 vtracy.de
red.vtracy.de — Cisco Umbrella Rank: 99490
17 KB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2157
174 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 563
591 B
1 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 61212
62 KB
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3867
1 KB
1 adoric.com
static.adoric.com — Cisco Umbrella Rank: 56024
15 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1581
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1633
2 KB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6347
175 B
1 cloudfront.net
d2r08ja41ypc0t.cloudfront.net
463 B
1 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2588
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 86623
273 KB
583 91
Domain Requested by
56 pagead2.googlesyndication.com securepubads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
49 s0.2mdn.net imasdk.googleapis.com
www.walla.co.il
s0.2mdn.net
40 cm.g.doubleclick.net 18 redirects googleads.g.doubleclick.net
1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
39 www.walla.co.il www.walla.co.il
28 images.taboola.com
23 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
www.walla.co.il
s0.2mdn.net
19 mabping.chartbeat.net www.walla.co.il
18 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
www.googleadservices.com
imasdk.googleapis.com
1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
pagead2.googlesyndication.com
12 images.wcdn.co.il www.walla.co.il
10 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
10 csync.smilewanted.com 1 redirects cdn.valuad.cloud
csync.smilewanted.com
10 www.google.com 1 redirects www.walla.co.il
tpc.googlesyndication.com
securepubads.g.doubleclick.net
1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
9 ap.lijit.com 5 redirects cdn.valuad.cloud
csync.smilewanted.com
9 ib.adnxs.com 3 redirects cdn.valuad.cloud
googleads.g.doubleclick.net
acdn.adnxs.com
csync.smilewanted.com
9 cdn.taboola.com www.walla.co.il
cdn.taboola.com
8 ade.googlesyndication.com
8 gum.criteo.com 2 redirects cdn.taboola.com
static.criteo.net
cdn.valuad.cloud
8 prg.smartadserver.com cdn.valuad.cloud
8 securepubads.g.doubleclick.net www.walla.co.il
securepubads.g.doubleclick.net
www.googletagservices.com
7 image6.pubmatic.com 5 redirects ads.pubmatic.com
7 match.adsrvr.org am-match.taboola.com
imprammp.taboola.com
1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
ads.pubmatic.com
ssum-sec.casalemedia.com
csync.smilewanted.com
7 googleads4.g.doubleclick.net www.walla.co.il
7 onetag-sys.com 3 redirects cdn.valuad.cloud
csync.smilewanted.com
6 pixel.rubiconproject.com 3 redirects
6 simage2.pubmatic.com ads.pubmatic.com
6 image2.pubmatic.com ads.pubmatic.com
6 pr-bh.ybp.yahoo.com 2 redirects am-match.taboola.com
imprammp.taboola.com
ssum-sec.casalemedia.com
6 sync.1rx.io 6 redirects
6 tags.dxmdp.com www.walla.co.il
tags.dxmdp.com
6 www.googletagmanager.com www.walla.co.il
www.googletagmanager.com
5 match.prod.bidr.io 5 redirects
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 aax-eu.amazon-adsystem.com 3 redirects ads.pubmatic.com
5 www.googletagservices.com securepubads.g.doubleclick.net
1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
5 x.bidswitch.net 2 redirects am-match.taboola.com
imprammp.taboola.com
5 am-trc-events.taboola.com cdn.taboola.com
5 csi.gstatic.com imasdk.googleapis.com
5 prebid.smilewanted.com cdn.valuad.cloud
5 ssc.33across.com cdn.valuad.cloud
5 fastlane.rubiconproject.com cdn.valuad.cloud
5 bs.yandex.ru cdn.valuad.cloud
4 pixel.onaudience.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 us.ck-ie.com csync.smilewanted.com
4 sync.richaudience.com 2 redirects csync.smilewanted.com
4 www.facebook.com www.walla.co.il
4 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.google.de www.walla.co.il
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
12890047.adoric-om.com
4 www.google-analytics.com www.walla.co.il
www.google-analytics.com
3 token.rubiconproject.com 3 redirects
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 sync.targeting.unrulymedia.com 3 redirects
3 ad.turn.com 3 redirects
3 ads.pubmatic.com cdn.valuad.cloud
ads.pubmatic.com
3 amg01742-walla-wallanews-ono-btlna.amagi.tv www.walla.co.il
3 event.dxmdp.com tags.dxmdp.com
12890047.adoric-om.com
3 static.criteo.net securepubads.g.doubleclick.net
cdn.valuad.cloud
static.criteo.net
3 connect.facebook.net www.walla.co.il
connect.facebook.net
2 ads.creative-serving.com 2 redirects
2 loada.exelator.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 mwzeom.zeotap.com
2 creativecdn.com 2 redirects
2 pm.w55c.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 cms.quantserve.com 2 redirects
2 d5p.de17a.com 2 redirects
2 eus.rubiconproject.com cdn.valuad.cloud
eus.rubiconproject.com
2 ssbsync.smartadserver.com 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 match.sharethrough.com csync.smilewanted.com
2 cm.adform.net 1 redirects csync.smilewanted.com
2 ads.betweendigital.com 2 redirects
2 static.smilewanted.com csync.smilewanted.com
2 trc.taboola.com cdn.taboola.com
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 imasdk.googleapis.com www.walla.co.il
imasdk.googleapis.com
2 mug.criteo.com
2 esp.rtbhouse.com 12890047.adoric-om.com
2 oajs.openx.net 1 redirects
2 script.4dex.io cdn.valuad.cloud
12890047.adoric-om.com
2 region1.google-analytics.com www.googletagmanager.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
cdn.valuad.cloud
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 www.googleadservices.com www.googletagmanager.com
2 web-sdk.smartlook.com www.walla.co.il
web-sdk.smartlook.com
2 static.chartbeat.com www.walla.co.il
2 platform.twitter.com www.walla.co.il
platform.twitter.com
1 pubmatic-match.dotomi.com
1 ups.analytics.yahoo.com
1 spl.zeotap.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 p.rfihub.com 1 redirects
1 ssc-cms.33across.com cdn.valuad.cloud
1 js-sec.indexww.com cdn.valuad.cloud
1 acdn.adnxs.com cdn.valuad.cloud
1 eb2.3lift.com cdn.valuad.cloud
1 pixelgroup-d.openx.net cdn.valuad.cloud
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 ajax.googleapis.com s0.2mdn.net
1 sync.mathtag.com 1 redirects
1 r.turn.com 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
1 red.vtracy.de 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
1 tr.blismedia.com 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
1 am-vid-events.taboola.com
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 vidstat.taboola.com cdn.taboola.com
1 ads.stickyadstv.com 1 redirects
1 r1---sn-4g5edns6.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 adservice.google.com imasdk.googleapis.com
1 cdn-uw2-prod.tsv2.amagi.tv 1 redirects
1 cf.dxmcdn.com tags.dxmdp.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 hb-api.omnitagjs.com cdn.valuad.cloud
1 tlx.3lift.com cdn.valuad.cloud
1 mp.4dex.io cdn.valuad.cloud
1 prebid-eu.creativecdn.com cdn.valuad.cloud
1 htlb.casalemedia.com cdn.valuad.cloud
1 bidder.criteo.com cdn.valuad.cloud
1 rtb.openx.net cdn.valuad.cloud
1 hbopenbid.pubmatic.com cdn.valuad.cloud
1 web.hb.ad.cpe.dotomi.com cdn.valuad.cloud
1 app.adoric-om.com 12890047.adoric-om.com
1 static.adoric.com 12890047.adoric-om.com
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 syndication.twitter.com platform.twitter.com
1 stats.g.doubleclick.net www.google-analytics.com
1 dal.walla.co.il www.walla.co.il
1 pro.ip-api.com www.walla.co.il
1 12890047.adoric-om.com www.walla.co.il
1 mab.chartbeat.com static.chartbeat.com
1 d2r08ja41ypc0t.cloudfront.net tags.dxmdp.com
1 cdn.permutive.com tags.dxmdp.com
1 ping.chartbeat.net www.walla.co.il
1 cdn.valuad.cloud www.walla.co.il
583 165

This site contains links to these domains. Also see Links.

Domain
weather.walla.co.il
mail.walla.co.il
mobile.walla.co.il
news.walla.co.il
sports.walla.co.il
e.walla.co.il
celebs.walla.co.il
finance.walla.co.il
food.walla.co.il
healthy.walla.co.il
travel.walla.co.il
fashion.walla.co.il
www.sheee.co.il
nadlan.walla.co.il
mekomi.walla.co.il
zoom.walla.co.il
cars.walla.co.il
tech.walla.co.il
home.walla.co.il
b.walla.co.il
marketing.walla.co.il
gaming.walla.co.il
mazaltov.walla.co.il
horoscope.walla.co.il
law.walla.co.il
judaism.walla.co.il
tld.walla.co.il
walla.co.il
calendar.walla.co.il
fun.walla.co.il
yoram.walla.co.il
vod.walla.co.il
viva.walla.co.il
www.wallashops.co.il
help.walla.co.il
dcx.walla.co.il
www.tiktok.com
www.instagram.com
twitter.com
www.facebook.com
beauty.walla.co.il
seniors.walla.co.il
doral.walla.co.il
stayinghealthy.walla.co.il
cannabis.walla.co.il
special.walla.co.il
b144.walla.co.il
galil.walla.co.il
showbiztip.walla.co.il
paisculture.walla.co.il
yarokkl.walla.co.il
sanofi.walla.co.il
103fm.maariv.co.il
eco99fm.maariv.co.il
www.maariv.co.il
wittyreporter.com
popup.taboola.com
sport1.maariv.co.il
magazine.shufersal.co.il
career.walla.co.il
www.b144.co.il
www.kamaze.co.il
www.hayoetzet.co.il
www.sugat.com
www.etzhazait.co.il
www.enaim.co.il
www.seolinks.co.il
slimmingtrk199.com
trc.taboola.com
www.pchelpsoft.com
secure.click42.online
app.goldentree.de
search.mynewsdealer.com
lhlrtvx.com
www.tipps-zum-reisen.de
bredings-person.com
www.aroundhome.de
credback-timenight.com
www.oref.org.il
Subject Issuer Validity Valid
*.walla.co.il
Amazon RSA 2048 M01		 2023-03-27 -
2024-04-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
valuad.cloud
E1		 2023-07-28 -
2023-10-26		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
tags.dxmdp.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-21		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
images.wcdn.co.il
R3		 2023-06-29 -
2023-09-27		 3 months crt.sh
1688964705.rsc.cdn77.org
R3		 2023-07-27 -
2023-10-25		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-11 -
2023-08-09		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
adoric-om.com
E1		 2023-07-02 -
2023-09-30		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-06-27 -
2023-09-25		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
adoric.com
GTS CA 1P5		 2023-07-17 -
2023-10-15		 3 months crt.sh
*.adoric.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-04-08 -
2023-10-07		 6 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
ssc.33across.com
GTS CA 1D4		 2023-07-03 -
2023-10-01		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
dxmdp.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
cf.dxmcdn.com
Amazon RSA 2048 M02		 2023-03-27 -
2024-04-24		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.amagi.tv
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-13		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-06-09 -
2023-09-07		 3 months crt.sh
vtracy.de
Amazon RSA 2048 M01		 2023-06-05 -
2024-07-02		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-07-18 -
2024-01-10		 6 months crt.sh

This page contains 80 frames:

Primary Page: https://www.walla.co.il/
Frame ID: 584CADD158FFF10AC3E7F7F56C72A53A
Requests: 237 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.walla.co.il
Frame ID: 468A3D517792E1EE5FC97842E5F61D30
Requests: 2 HTTP requests in this frame

Frame: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Frame ID: 0EA182C9513F8E3B2EA2BB79D5A789CB
Requests: 18 HTTP requests in this frame

Frame: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5328EC9857897FFAD48C12771B2BAB99
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.walla.co.il
Frame ID: D44B0337D36E7B76DB74C73BD1AA1E8F
Requests: 2 HTTP requests in this frame

Frame: https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Frame ID: BE9EFA2A75C63EF283CEA0D2BD8C1D1A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Frame ID: 174BB662A306FE4CAB9BBCD71C614474
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6C29F1DB84DE1B033D20F777D83346A3
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 4B803F7D46946AEB165EE7B26AFDD01A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CC229E42F864B4AB7F41D804BFC14D16
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DE0AFAC2C809CC9F8D1280873E392485
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AE6691EF0769AEF2B9C31B5D53332D90
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4ACFF40EBB608C7595C46E3C483E4E5F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: DE76E6EDCC6CB09F68ED349A77BC7329
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 1288E8A6B2D1AC9E15377179988E3A1A
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: E6A3AEC0FCA8F1CAE2EE0F463B003A63
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Frame ID: 4C83DE6276ACB899CE427869E8CE9965
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-7a457ebd-a963-49c3-b5a4-cd7d6143fdff-003
Frame ID: A2455693ED1D525E5AEF8B2AD88FA2B4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/537b61ae-e392-52d6-ba3c-23fedef66123
Frame ID: EDA2699F6FC61CAFA442745C324DD979
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 9E237098E414317F790B46DACBBD419C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: CBCD6EA8822140F8FDEF11C31DE6CAA0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/75cdc6ed9ad4d621b942d3f039cccc2?gdpr_consent=&gdpr=0
Frame ID: 0D213AB473452901776D4726661E64CF
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: AACE45D37185BCFDF156EE4A810B5567
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: A9633E7E3C64F3FCE3F74289E151CB28
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 205E0A91E63BCA998DB8B09FEE2546F4
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8aAwCLAYA_4MpY_SMXRAA_gdTxugZuygAAABgYID-AAlOBivbaONcK2Ymm1u03I3cCsdwtJZ5Rs6Fa-ZZ-IaLISDByWBlG22ca8XMZHOLlruRW-EYjtYyz8i5cM08C99wMQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDwv3NNqPD57L7AwAAAAAIAAAAABIACOK_JQBicCdP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DuDHLe_BdQAqIFIQWYQQAAAAgW04b48gknaBiUeX__7_fCsAVAICARNsKl6IsuoMSb2EAAAAAxAjBlxCN3PGgj1mgh8XvNzvsGr_bZf7_________zfyf-Ucj1MSVkiZowpVCzS8gAMCaX0AAADbjBgDgjQCckIOBptPhc93rdb_fXfcwmx12jd-uNPtFJyFWi8lkMJksVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QWYwGm5VvtbBMhjPfbOZyzhymkcc0M25GHovNuD3UGckeXi9zj30ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHQYGGxeCaztWxjGLlFg4ltrTAsTG7VyDTxLEa24Wa3WoteH9PF49kYVxsvEgwI2YvkaZFOFBvjYreZGCczw8hmGa1Gtt1isbK4BquNbWGc2CxiieZkkU5kl31nMRpsVr7VwjIZznyzmcs5c5hGHtPMuBl5LDbjvjRYWCyeyWwt2xhGbtFgYlsrDAuTWzUyTTyLkW242a3WotfHdPF4NsbVxt-YLQfL3Ww5HO4bs-VguZsth8N9h8n0TH3ORtct4_j4lItjzKG4OQ0Kl8Hi_UlMi2l3dhCdfEenzzpdFnVGv9_v9_v9fr_f7zdoPQezQeH7Xnbfak4ZO5Z7W8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9ykMVurliM5pLFcC4ZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PXTq7wCoqtctislUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFN6fTAjV4r_ANQIdZqtbrdWKvVClhAq8VoM4EABDYj!&cmcv=&pix=undefined&cb=1690976989735&uv=3312&tms=1690976989735&abt=ll418_vB!nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=820e64c9-1fdf-497d-a184-f3d9a5f3a781&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 8CB4261D381E70065A249F26A7976382
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8aAwCLAYA_4MpY_SMXRAA_gdTxugZuygAAABgYID-AAlOBivbaONcK2Ymm1u03I3cCsdwtJZ5Rs6Fa-ZZ-IaLISDByWBlG22ca8XMZHOLlruRW-EYjtYyz8i5cM08C99wMQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDwv3NNqPD57L7AwAAAAAIAAAAABIACOK_JQBicCdP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DuDHLe_BdQAqIFIQWYQQAAAAgW04b48gknaBiUeX__7_fCsAVAICARNsKl6IsuoMSb2EAAAAAxAjBlxCN3PGgj1mgh8XvNzvsGr_bZf7_________zfyf-Ucj1MSVkiZowpVCzS8gAMCaX0AAADbjBgDgjQCckIOBptPhc93rdb_fXfcwmx12jd-uNPtFJyFWi8lkMJksVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QWYwGm5VvtbBMhjPfbOZyzhymkcc0M25GHovNuD3UGckeXi9zj30ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHQYGGxeCaztWxjGLlFg4ltrTAsTG7VyDTxLEa24Wa3WoteH9PF49kYVxsvEgwI2YvkaZFOFBvjYreZGCczw8hmGa1Gtt1isbK4BquNbWGc2CxiieZkkU5kl31nMRpsVr7VwjIZznyzmcs5c5hGHtPMuBl5LDbjvjRYWCyeyWwt2xhGbtFgYlsrDAuTWzUyTTyLkW242a3WotfHdPF4NsbVxt-YLQfL3Ww5HO4bs-VguZsth8N9h8n0TH3ORtct4_j4lItjzKG4OQ0Kl8Hi_UlMi2l3dhCdfEenzzpdFnVGv9_v9_v9fr_f7zdoPQezQeH7Xnbfak4ZO5Z7W8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9ykMVurliM5pLFcC4ZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PXTq7wCoqtctislUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFN6fTAjV4r_ANQIdZqtbrdWKvVClhAq8VoM4EABDYj!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: B7C0375C647B7478734D1C5E0FE054A0
Requests: 4 HTTP requests in this frame

Frame: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B0ED4B1B979D1879260537D698D7707A
Requests: 21 HTTP requests in this frame

Frame: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7622517EB659F35A3A5BDDA6B473DE33
Requests: 23 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnk9yCEwpEfZe7F_F_8mLuxoDFuq-XlU6HKpcufNWRKaQ3V4OhRPZb7icIPcH0iHCT2so_9Ox6uwqvZJP11GQ8StRT--laH2UFGxeo5FmrtPUcCt_H2lX5cTvdHei7JppD0gXzPHIdXcSclROdOSRTa6ntya9MFFTH8N-TwjDlRx6g0RZZQ9q-RPy1QhTOMvMZfGywuDogDhQsqE3X3lF0VK2yec-6F0pVizKH_Hbjb0mz9yOnNTY-suDdeTDizq59JQ81QpFQA20UQ2eNhtvKOg8kKfORAKsuV1A8QA0OO5cUptF6h4B5t0qFB3MzoDGz0ml9HgEasGkXL0uMEhoWnkCAEXq0r8PbOSW7ebXJ&sai=AMfl-YSY7sAjfqXCnBfTb5lkYgYEb72EsqRRb_-HxlqrfSuMJgqANzRDM_ThMYgHlh5o2RRY5NfwxsqjfiuaYCfy9_6eohLizjjmr18ai2ocNjlxvxCel0ChRo9vmAViPAw&sig=Cg0ArKJSzA1Po1caiaw2EAE&uach_m=[UACH]&adurl=
Frame ID: D8273F941FDE406F33A4DAFF5A9AEDC3
Requests: 8 HTTP requests in this frame

Frame: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 55440BC7B7AF472B0F2A5A7D849A5ABD
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWRB-G0yPPFvclbyXN32C9MmEKs3XQnsoEl8bvcyKs-5udPdj1U8Wp-px75xCr_rn3mUF0xkGXzwQZZBRH958sffb-qaFFfMU24Hb4c_MgVThxeqaPcrtul55aUo5WqBWEyh1DAjCmWiLUSO-3WtmhXnAmVaajAS4KJw00ylLUhS8vzYQPWxvlMRC7UGGTIZyhB4CF1RcS1GCKiU4qb8X89xvy2PRni41gynHFMvVBP3YV1Ez3O8KHjHmBA9JY49sf772HcqB0-8Qdq-VWMWUp9jHKDj10__Asdk3-Ft4vNKuUUAVMqJruIJQJDrjVVt840Euu0tuTSd_LO6q-FUIe0pLS-q7lOa2AnSZBZw&sai=AMfl-YSPaQxQ86B5BL2OypmCHFOY-tsh5j8PQyC8pJENPq1xCFbV7uoFuDQU7wBL0shkRYwa9J-NwFVFOenQdrixDR5ms0r39BYWJrSjmNc8hGgFY-gV8cYh1LCvN8de8AY&sig=Cg0ArKJSzNFZtZ-2EWwVEAE&uach_m=[UACH]&adurl=
Frame ID: 12E2011A3805D2D1A9140F379B984697
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYn_iJ6gEwAQ&v=APEucNU-OEStg66X8nyeOAWy8tH_WZLtlbbCpV-2K333LmPwsrqLPtbJTeDq1FztpRe-UfJzuWBJtBKJP2AF6b15WQpOg0o1NvRBIwntcwpw2SjQpldKV9wNGAJGorm_3uwcCsdjCpgIn8bKlw_f6i6tGDWRgyqGYxiYdq2vf8dl6n1oktvzrEY
Frame ID: F5E359695C905BA5451D36284230A286
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNUWAOxz2ye827coPQLSzwVC5jUgYfdpwveI37t5c5SR1rumfbM-MEZNIOUNNp-KzoRm5hrUWPpA2EgJl2II1KQ5jFuNhSk4FklsYrcOIjJB87kOt-o_5L2ZqdjzcSW_sUoI1Jpm4cRX1H77X2DvA8Fek8KqR9SMQZujIfJRoUTwYbW0B0U
Frame ID: ED940A62602CA1D027783DB7C04938CA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5er4xgEwAQ&v=APEucNXJaaEhoKRLOFWNYxKSA7o_3qcwL_XAJE9M3Vb9WxcSV-YVaX4rip2TkzCr2bFBwu4wIYrnqLyBU3gov5tqlJHcGpZpqqDy8j1NQ4umuLO1cUFUFaCNfeMSG-1dktEsUbNj-dqsmrm09EV2fT8_WYXt17A-WzvtkELChSplrPR1BDtOkHs
Frame ID: 83A44EF837488EA0FA2B3351B3C5DC0C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6E9C3CECCBB188B3303D35CF2CEC795D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8077F0B460A4F9A7A04E19B9C410C4F2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8B3E93E6E0F4B812EB0E7C7333E4D28A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 235FACFCCB8BBC352410663AEC31ACBF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0FC8A8A052D8C2D73993DA9852140426
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16325822350322053850/index.html?ev=01_250
Frame ID: 8D7BEEDC880A2393ED5F6760824DD99B
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=ceYuvTh8B1&t=1&renderingType=2&ev=01_250
Frame ID: A53CB7DF9C0CE9ACDCEC45DCEB140373
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
Frame ID: 58AA6B9F0330260FA1544FA35E571BCC
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5B7780CFF95BD86CFF5FB3F22D80106B
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Frame ID: C5E77097EE227E663530B60340CFC44C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
Frame ID: 250D99FA169BDC0D4B5B9A765E4A115D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
Frame ID: 79CB131D6E45A875A1E6DCFE16A0C626
Requests: 1 HTTP requests in this frame

Frame: https://pixelgroup-d.openx.net/w/1.0/pd
Frame ID: 367ABEFFE59568E6A855DE6085BB46AE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: 38A1C16341FEBF96D2A660AC6BFEC7A2
Requests: 21 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13421168
Frame ID: F3D7717ACEB84F8C18811233277CFB6B
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: DDC2EEE693D533D0DC30485BB59B8623
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5036E33B60D19A6615C9791381B22209
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 3592AB623353FEC6475D5628AC9CC9E3
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B06984AA973CD49E83E394CE50D50ABE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 21A4B10EEBDFFA409CD2462B1A340F92
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1690976988159
Frame ID: 9F4C9163447E2BCE44A7FEE6F05ED9E0
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: 3106D858FBB98595DB989E4C9D6F0CF6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6787409872298853058
Frame ID: EA5E67786C62DA4AF75EAEE20B9F165A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336724495103824
Frame ID: 9D10998707332AD66106B43B534A52B7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: F409520DD3B72F6DE811FDFEE7E38CDA
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: B41BEEFAE180B34D6B41DAE99A98D737
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kevu25Pt6IqK77WMn-ug2JLnuo2Kub-MxuadYzew
Frame ID: B8BE0F97EEF4899D8D2CCE98DCEE5E77
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B4B5EC1F6A4F43A57506AA03F9EB4F2A
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 11432C8481193AE1EE8F5C377B6DDA1B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 162C88D2DCD1BEC54B58EBEFA8C18068
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: F17DCDEA4023011233DF498014C5D8A6
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: B0C5199D2F26EBB616CD2DF7616F1AEB
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5594854542
Frame ID: 9348277776F19E4DE1A1415575D7968C
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 331EDDF0D91EE29F4E552EBDA356C8C0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/5010584359958224364
Frame ID: D2286238E15CD7E919A4F70714056B3B
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: EEF014D594D58D9196AB979D6F3AE092
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 84485C920F1C530467F26F521B9573BA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ev6oEwxfWd7YTbNoLO5b?pi=smilewanted&tc=1
Frame ID: 0F1FF7D46803EE06E47579B6E80E15C4
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=c6780213fba4eaf93d58c3a20f3bf581
Frame ID: 71D418752A35F5AF97C6D23D7BB001BB
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&gdpr=0&gdpr_consent=
Frame ID: 781632BBC3C2BA19239AA1742EE7F953
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3834717352970909905&gdpr=0&gdpr_consent=
Frame ID: 89705305DB248DC922E77829CE0337BF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7262690891818072211&gdpr=0&gdpr_consent=
Frame ID: A0304C19CAD50C11337A0DA38CCE4243
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=k1hVeDC4WaZja4O8TDTQD9ly2hg&gdpr=0&gdpr_consent=
Frame ID: 5BCFE024787BF825B363496E670B1A88
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 0619F338C23847481F5011F993AC6526
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADpkU7JlIYAACcdkSDvdw&gdpr=0&gdpr_consent=
Frame ID: 8701FDD064EE8670283BCD4ABE9831A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

וואלה! חדשות. ספורט. סלבס. אוכל - עדכונים ודיווחים שוטפים

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

583
Requests

90 %
HTTPS

33 %
IPv6

91
Domains

165
Subdomains

120
IPs

14
Countries

14514 kB
Transfer

26204 kB
Size

84
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 121
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=844805792&cv=11&fst=1690976987202&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1150359355.1690976987&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=20LKZMeaErCm78EPmKaRSA&sscte=1&crd=&eitems=ChEI8P2npgYQ0rj6l7-EhvnvARIdAPvj3UNzLLAewgAkCS1jEWBBOVGTFjSr_EHEtMI&pscrd=Ek5DaEFJOFAybnBnWVFyNDdXamNYaWpiZGFFaVlBQkdxMlB2SVJDbWJLdGpCSUZsSVF4Ukcyei0ydjVWYzloYm9WTHRKR0s3WkpJNTFtS1EaWkNoRUk4UDJucGdZUXBMRFQyX3FNN2ZqZEFSSXVBTlpQRjJ0eGswU3lYY2RIRjFlODdVbUppWmRpSERnMExLTlpMajB1NUYxdDRHYUR5eG5iNUhPUVk5NHMtdyITCIf0mpX0vYADFTDTOwIdGFMECQ HTTP 302
  • https://www.google.com/pagead/1p-conversion/777956447/?random=844805792&cv=11&fst=1690976987202&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1150359355.1690976987&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOFAybnBnWVFyNDdXamNYaWpiZGFFaVlBQkdxMlB2SVJDbWJLdGpCSUZsSVF4Ukcyei0ydjVWYzloYm9WTHRKR0s3WkpJNTFtS1EaWkNoRUk4UDJucGdZUXBMRFQyX3FNN2ZqZEFSSXVBTlpQRjJ0eGswU3lYY2RIRjFlODdVbUppWmRpSERnMExLTlpMajB1NUYxdDRHYUR5eG5iNUhPUVk5NHMtdyITCIf0mpX0vYADFTDTOwIdGFMECQ&is_vtc=1&ocp_id=20LKZMeaErCm78EPmKaRSA&cid=CAQSKQBpAlJWoq2Quqb607BvHsW0WpD1Q_PUsET9C7V753fG8NINf2uoDe3T&eitems=ChEI8P2npgYQ0rj6l7-EhvnvARIdAPvj3UPohDMevj36mm48F-imBFfmPZfbYHybZW4&random=4044450528 HTTP 302
  • https://www.google.de/pagead/1p-conversion/777956447/?random=844805792&cv=11&fst=1690976987202&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1150359355.1690976987&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOFAybnBnWVFyNDdXamNYaWpiZGFFaVlBQkdxMlB2SVJDbWJLdGpCSUZsSVF4Ukcyei0ydjVWYzloYm9WTHRKR0s3WkpJNTFtS1EaWkNoRUk4UDJucGdZUXBMRFQyX3FNN2ZqZEFSSXVBTlpQRjJ0eGswU3lYY2RIRjFlODdVbUppWmRpSERnMExLTlpMajB1NUYxdDRHYUR5eG5iNUhPUVk5NHMtdyITCIf0mpX0vYADFTDTOwIdGFMECQ&is_vtc=1&ocp_id=20LKZMeaErCm78EPmKaRSA&cid=CAQSKQBpAlJWoq2Quqb607BvHsW0WpD1Q_PUsET9C7V753fG8NINf2uoDe3T&eitems=ChEI8P2npgYQ0rj6l7-EhvnvARIdAPvj3UPohDMevj36mm48F-imBFfmPZfbYHybZW4&random=4044450528&ipr=y
Request Chain 178
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp&cc=1
Request Chain 190
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=a9CI2nxUbisrYjc5T2VvSkZtT1RWM1dBalZXeXh6ZFdDdTlhcmhTSE0yNUR6Rlg5MHdxUzl3RjBxemRMNnE4OWpick9STG5xdVJCZU1lcUpzUTNZdWFEOVZrSTVpRjhvc3MxZ3EvcE1meUpEbStvZHU4YURXcVBWVmlGeHhwTVJTQzFVelh2NzJ5ODdIMldVOVJqY3drOVkxeGU2QXNhSzR4emxvdFZ5WGRNaUo1eWFlOE81ejlNcERkWkFYR3FFTDBkZUVhZFVRL2FCQmlKcngwbTRNVHRrbmc3NzM1UE4vSCtYdUlyRjkzQ2taNXN5RW4xQ252Q3pZQWZNTTRoQi9BVUpMMTVqWitpSitKSWYxMmU2NUp1cTlMZz09fA&cppv=2
Request Chain 196
  • https://cdn-uw2-prod.tsv2.amagi.tv/linear/amg01742-walla-wallanews-ono/playlist.m3u8 HTTP 302
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
Request Chain 226
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Request Chain 230
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1690976989224 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6052684250 HTTP 302
  • https://sync.1rx.io/usersync/turn/8215906233994764765?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7a457ebd-a963-49c3-b5a4-cd7d6143fdff-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-7a457ebd-a963-49c3-b5a4-cd7d6143fdff-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-7a457ebd-a963-49c3-b5a4-cd7d6143fdff-003
Request Chain 231
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=389118523918266337 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/537b61ae-e392-52d6-ba3c-23fedef66123
Request Chain 243
  • https://gcdn.2mdn.net/videoplayback/id/13c8b8091c6a7d44/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813660949/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/B22A5E0B277239AF4057849986A55C9C1B9C3B9C.2409F1F74837E41E557E680345022AC9621AE502/key/ck2/file/file.mp4?cpn=Ku8Rk5e3f7D3CFHP HTTP 302
  • https://r1---sn-4g5edns6.c.2mdn.net/videoplayback/id/13c8b8091c6a7d44/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813660949/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/17EA0A3D3D81D7E148C3F94B6DDDE75AEBFD4732.219DD696F120B1597C5AF488FD1766617D1D02CE/key/cms1/cms_redirect/yes/mh/qa/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edns6/ms/onc/mt/1690975879/mv/u/mvi/1/pl/29?cpn=Ku8Rk5e3f7D3CFHP&file=file.mp4
Request Chain 244
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/75cdc6ed9ad4d621b942d3f039cccc2?gdpr_consent=&gdpr=0
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOsM_sjSmAq6i9oi3MNB5iM&google_cver=1
Request Chain 354
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMpC3hY46L.Ts4Y28pudWQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOsM_sjSmAq6i9oi3MNB5iM&google_cver=1&google_hm=2
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAT_7VjrR6-LzRwaIwGN3mM&google_cver=1
Request Chain 356
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNDcxNzM1Mjk3MDkwOTkwNQ%3D%3D
Request Chain 357
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOsM_sjSmAq6i9oi3MNB5iM&google_cver=1
Request Chain 358
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMpC3hY46L.Ts4Y28pudWQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOsM_sjSmAq6i9oi3MNB5iM&google_cver=1&google_hm=2
Request Chain 359
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAT_7VjrR6-LzRwaIwGN3mM&google_cver=1
Request Chain 360
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNDcxNzM1Mjk3MDkwOTkwNQ%3D%3D
Request Chain 361
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENX6zVsd3Id1MCuW0SAhp2k&google_cver=1
Request Chain 363
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBqPQCmqa3vEQksvDOlVtLU&google_cver=1
Request Chain 398
  • https://um.simpli.fi/gp_match?google_gid=CAESEIGDryXUOCBiIIB3YN15yKw&google_cver=1&google_push=AaAOQGG8AGSCJEzPBrntkngHl2qwJ9rHMXtNAxdNidbuNu2BD763FAKrNWEJU8dsXCODzTiqVNQx3htWuKee6i4vR1PzTVBbZPM2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2A7AD850A6354339B09C1E152051765E&google_push=AaAOQGG8AGSCJEzPBrntkngHl2qwJ9rHMXtNAxdNidbuNu2BD763FAKrNWEJU8dsXCODzTiqVNQx3htWuKee6i4vR1PzTVBbZPM2
Request Chain 401
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBb9jLlQCTwbDjxjOCutPAE&google_cver=1&google_push=AaAOQGH92_Hslwj--r8i7FT9bQ5_zkQ9W27OXd1XRxy0DXxUquTfr38MUHbCzDFbqLVuXX27M5gMxza509Doie5Gad6BfAUPdkCZ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBb9jLlQCTwbDjxjOCutPAE&google_cver=1&google_push=AaAOQGH92_Hslwj--r8i7FT9bQ5_zkQ9W27OXd1XRxy0DXxUquTfr38MUHbCzDFbqLVuXX27M5gMxza509Doie5Gad6BfAUPdkCZ&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8pFJwlAMQgytA9WXigkpKA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGH92_Hslwj--r8i7FT9bQ5_zkQ9W27OXd1XRxy0DXxUquTfr38MUHbCzDFbqLVuXX27M5gMxza509Doie5Gad6BfAUPdkCZ
Request Chain 402
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDVZHbieibr6ZMRRhY0e81c&google_cver=1&google_push=AaAOQGFa5-gmiYecu6SgGXOX3nLLitpFLReB_Ijt-MekKBelx-FRCl4C1KQxTfsp2nku6hgCnsMWmGR49A9NRabwZnHYAf8V2D5u HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDVZHbieibr6ZMRRhY0e81c&google_cver=1&google_push=AaAOQGFa5-gmiYecu6SgGXOX3nLLitpFLReB_Ijt-MekKBelx-FRCl4C1KQxTfsp2nku6hgCnsMWmGR49A9NRabwZnHYAf8V2D5u&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFa5-gmiYecu6SgGXOX3nLLitpFLReB_Ijt-MekKBelx-FRCl4C1KQxTfsp2nku6hgCnsMWmGR49A9NRabwZnHYAf8V2D5u&google_hm=HFVlsGZHfXGRSmJESuGNAQTf
Request Chain 403
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEprlCHTwu-CEgoHNke_Njk&google_cver=1&google_push=AaAOQGHHwW2BeKCu5yZSZaCbOfVWtLonz3k9iI5c6nrY-Enn5yWIjLHtANaHLXR1Unzi8OTav0U_98Bxm1MVT3CyPvFRQtgv1LDO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHHwW2BeKCu5yZSZaCbOfVWtLonz3k9iI5c6nrY-Enn5yWIjLHtANaHLXR1Unzi8OTav0U_98Bxm1MVT3CyPvFRQtgv1LDO
Request Chain 404
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJIVYeBYVKwFZodeOtcmncc&google_cver=1&google_push=AaAOQGGi-mVyabhRuR5hLKeSiYSd-9lgdXVg83FWSjMUwx0GQwpZA1o21dxvoKjI3k1ut_dlC5TOJk6VNLqwrasIKhhrWhviz2cw HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7a457ebd-a963-49c3-b5a4-cd7d6143fdff-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGGi-mVyabhRuR5hLKeSiYSd-9lgdXVg83FWSjMUwx0GQwpZA1o21dxvoKjI3k1ut_dlC5TOJk6VNLqwrasIKhhrWhviz2cw%26google_hm%3DA3pFfr2pY0nDtaTNfWFD_f8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGGi-mVyabhRuR5hLKeSiYSd-9lgdXVg83FWSjMUwx0GQwpZA1o21dxvoKjI3k1ut_dlC5TOJk6VNLqwrasIKhhrWhviz2cw&google_hm=A3pFfr2pY0nDtaTNfWFD_f8
Request Chain 411
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOOCc0xdC76js04Dx1ItrFw&google_cver=1&google_push=AaAOQGHU8AFP0JgDySVd-4uKpmyNTwuUqzXosnTsf9IHzMXblalJ8rZF3YZQJ5n76N2FV8BECzBqLGkR9KftRSxiX8N4PWwr9w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHU8AFP0JgDySVd-4uKpmyNTwuUqzXosnTsf9IHzMXblalJ8rZF3YZQJ5n76N2FV8BECzBqLGkR9KftRSxiX8N4PWwr9w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOOCc0xdC76js04Dx1ItrFw&google_cver=1&google_push=AaAOQGHU8AFP0JgDySVd-4uKpmyNTwuUqzXosnTsf9IHzMXblalJ8rZF3YZQJ5n76N2FV8BECzBqLGkR9KftRSxiX8N4PWwr9w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHU8AFP0JgDySVd-4uKpmyNTwuUqzXosnTsf9IHzMXblalJ8rZF3YZQJ5n76N2FV8BECzBqLGkR9KftRSxiX8N4PWwr9w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 412
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBb9jLlQCTwbDjxjOCutPAE&google_cver=1&google_push=AaAOQGFJCEipvg5bCkGFrzE0sllaN_pbuPOhkFx3ESQWGC2b9RXq2WTns4NI2rSpKuWNZWLf3-IkLv5g0eGN3CqATvd3zl-nw70 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBb9jLlQCTwbDjxjOCutPAE&google_cver=1&google_push=AaAOQGFJCEipvg5bCkGFrzE0sllaN_pbuPOhkFx3ESQWGC2b9RXq2WTns4NI2rSpKuWNZWLf3-IkLv5g0eGN3CqATvd3zl-nw70&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qa8vYd8eR623Xvy--Fhl3A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGFJCEipvg5bCkGFrzE0sllaN_pbuPOhkFx3ESQWGC2b9RXq2WTns4NI2rSpKuWNZWLf3-IkLv5g0eGN3CqATvd3zl-nw70
Request Chain 413
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDYcvhJpJAHMDht6d2JtE8c&google_cver=1&google_push=AaAOQGFU6sN5i9z7_nWhSbPZlHUowLCZjvW_l0Jt74Xj5JgTTglEHgZunRQr4dRHQiRhzdWVJu5BurUZ92mNGlD1skmpAgbGRqc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDYcvhJpJAHMDht6d2JtE8c&google_hm=ZMpC3hY46L-Ts4Y28pudWQAADHgAAAAB&google_nid=index&google_push=AaAOQGFU6sN5i9z7_nWhSbPZlHUowLCZjvW_l0Jt74Xj5JgTTglEHgZunRQr4dRHQiRhzdWVJu5BurUZ92mNGlD1skmpAgbGRqc
Request Chain 414
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDVZHbieibr6ZMRRhY0e81c&google_cver=1&google_push=AaAOQGF_O4-2YGKxMWQJhJxJQjFDzzgqUA0hUTIzZKS4UBR_yNKmWtLoxSkjumCvN1cJpTerpCszbQzFrpta-8Dsu2YGPn4k8g HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDVZHbieibr6ZMRRhY0e81c&google_cver=1&google_push=AaAOQGF_O4-2YGKxMWQJhJxJQjFDzzgqUA0hUTIzZKS4UBR_yNKmWtLoxSkjumCvN1cJpTerpCszbQzFrpta-8Dsu2YGPn4k8g&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGF_O4-2YGKxMWQJhJxJQjFDzzgqUA0hUTIzZKS4UBR_yNKmWtLoxSkjumCvN1cJpTerpCszbQzFrpta-8Dsu2YGPn4k8g&google_hm=HFVlsGZHfXGRSmJESuGNAQTf
Request Chain 415
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEprlCHTwu-CEgoHNke_Njk&google_cver=1&google_push=AaAOQGEf4p4zK4VsU5dF-H9d3vYPSdQ0ImJ5GvzE9kvJ7ict64bcxmhfRp-mcR_08JZPmhejgHMo7_zsPTseH1duwiWMRz97ug HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEf4p4zK4VsU5dF-H9d3vYPSdQ0ImJ5GvzE9kvJ7ict64bcxmhfRp-mcR_08JZPmhejgHMo7_zsPTseH1duwiWMRz97ug
Request Chain 416
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJIVYeBYVKwFZodeOtcmncc&google_cver=1&google_push=AaAOQGEUExGRDHrxKvfl4zZwUWdnkyF4TEP46FNsxJfivH2Aa5QuilCUffWjyw-Bq7O4OmHNx_Roo3iGOY2AhsdMx-CgWZNpFLY HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7a457ebd-a963-49c3-b5a4-cd7d6143fdff-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGEUExGRDHrxKvfl4zZwUWdnkyF4TEP46FNsxJfivH2Aa5QuilCUffWjyw-Bq7O4OmHNx_Roo3iGOY2AhsdMx-CgWZNpFLY%26google_hm%3DA3pFfr2pY0nDtaTNfWFD_f8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGEUExGRDHrxKvfl4zZwUWdnkyF4TEP46FNsxJfivH2Aa5QuilCUffWjyw-Bq7O4OmHNx_Roo3iGOY2AhsdMx-CgWZNpFLY&google_hm=A3pFfr2pY0nDtaTNfWFD_f8
Request Chain 432
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFRNpvZnax1ZMRFZdts3BMI&google_cver=1&google_push=AaAOQGHS-66wNSqtHvW4naIEDK0xRj-f0ZnniHDI8o7eqzLRMSetIy7c3GXW376R17gbYKVNWbRh7ntHnB990s6BNTIyGxi52KQ9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODIxNTkwNjIzMzk5NDc2NDc2NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFRNpvZnax1ZMRFZdts3BMI&google_cver=1
Request Chain 433
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKn5vTgZ67DhwWqMGFyeGFE&google_cver=1&google_push=AaAOQGFBbWE55xdvHXbCrj7EN30d0i08E9Ae6mLZWlX6crum36otSM0OjJ7cr73vr34oQFfls4hZHYzvnb1c5H4NUiLYNocsxd-a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFBbWE55xdvHXbCrj7EN30d0i08E9Ae6mLZWlX6crum36otSM0OjJ7cr73vr34oQFfls4hZHYzvnb1c5H4NUiLYNocsxd-a
Request Chain 434
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENkR1s4gIetcYP5te-Z6sto&google_cver=1&google_push=AaAOQGHd7c08SSOYXl_VXiq55mjdoUjUWtrXBGzN58Vhbaz6oQQkJ7PhsUc3OySm5Y1159pNHgpj_mbQhFUeJFN4Z4Vb3lX5sdzz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENkR1s4gIetcYP5te-Z6sto&google_push=AaAOQGHd7c08SSOYXl_VXiq55mjdoUjUWtrXBGzN58Vhbaz6oQQkJ7PhsUc3OySm5Y1159pNHgpj_mbQhFUeJFN4Z4Vb3lX5sdzz
Request Chain 435
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEXKdZ-7kD4Schu9xy6zeTA&google_cver=1&google_push=AaAOQGHkNFtLZZr0T2uMvHdK2eT-Jx8cV6ieqgQuRMaodm011Qr1AYweIdsYnyKZ40fDeEa4SVI6rzHJ3DF5U--KUdHmH5ImBgLM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHkNFtLZZr0T2uMvHdK2eT-Jx8cV6ieqgQuRMaodm011Qr1AYweIdsYnyKZ40fDeEa4SVI6rzHJ3DF5U--KUdHmH5ImBgLM&google_hm=eS1GY2VjMmFCRTJwRWF0N1lvdXFTUEtxZ1dhVWxjX2Jkb35B
Request Chain 436
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDVZHbieibr6ZMRRhY0e81c&google_cver=1&google_push=AaAOQGH8CzdArx2K1MitwzUq9q738f0gkPUzwCsjPmqgSqHYIzgXwtiKvz-6dI3i0JmVkZSt83MQjfrgEf78ms5r1Lrk_Jxgn3ty HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGH8CzdArx2K1MitwzUq9q738f0gkPUzwCsjPmqgSqHYIzgXwtiKvz-6dI3i0JmVkZSt83MQjfrgEf78ms5r1Lrk_Jxgn3ty&google_hm=HFVlsGZHfXGRSmJESuGNAQTf
Request Chain 437
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEprlCHTwu-CEgoHNke_Njk&google_cver=1&google_push=AaAOQGGRxMCJNaD8ZvxnmQotP9gGIryWskOZ2zT0zzXUw_0Z8U9vYz1N2679eOzHueEKiDE-0vsOhkRNq7KBRxmQu0vzZsYtk_w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGRxMCJNaD8ZvxnmQotP9gGIryWskOZ2zT0zzXUw_0Z8U9vYz1N2679eOzHueEKiDE-0vsOhkRNq7KBRxmQu0vzZsYtk_w
Request Chain 488
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=3&topUrl=www.walla.co.il&bundle=0an6819sd0E3MFptMUZ3aGR2NEFxYTFNeVd2UGRNVmxKNXNWMWpHTWpNdW5Nc0V3VnVnMjRrUHZZZjcwRjFtVXlFcjFrVXJ4d0ZsYWdVUmhYbEJPYUFRTUsyVXBIQWNOVjg1Zzd3QTg4Tm02ZXV0dGdTRWpKaG5yY0lPYkRLMGx6RjIlMkJUYVVoMiUyRkVZNTU2Z1BGSnRKTUZWczdBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Nlt_GHw5bXZURVVFeGc4WmRYUkREV1V5SFUvZzZqZmU2bzg0RDNhY1ZPNks2ZVpqSjhHMUVIT2c3T1BFWGlIbVZYOUljdEQ4QkE3Nml0QXFXQ0xKbEVlT2w2aXBkRjhPV3p0b1JGaWlqdzh3eUdtVnVwT2k3dUNLSUhYeW9IUlM0bDNwMWFoNW1mMWFjN1BRTjM3T0tvNnl2NjhUdGxTT1NsQTZVMFRIT0ZySFFCdndTalpEQnBubXZrNFl0N2FWRlVLNlR1M3l3OWNXR08yMG9Lb08rN0kzRk55b0o5MFBFRmliYm1BcG9XemhhcmJpeFR6eU5lY1pJWXROY3J0UGpTTXh0bUxuMUo3VVZxR3Jtc2xadzREK0xUQW53U3ZTdloxemc4UlZ1LzhHeGxyUT18&cppv=2
Request Chain 512
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6787409872298853058
Request Chain 513
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336724495103824
Request Chain 514
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 515
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 516
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kevu25Pt6IqK77WMn-ug2JLnuo2Kub-MxuadYzew
Request Chain 517
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qa8vYd8eR623Xvy--Fhl3A%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 519
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=810402193 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC
Request Chain 520
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OWRoMjdXSG5jU3dTRk9odXc3MFRhMlR3UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5010584359958224364&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 521
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDFBRjJGNjEtREYxRS00N0FELUI3NUUtRkNCRUY4NTg2NURD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 522
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOoxkNRQfetjY9h4Sm67Ca8&google_cver=1
Request Chain 525
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5010584359958224364
Request Chain 532
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZMpC3hY46L-Ts4Y28pudWQAADHgAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZMpC3hY46L-Ts4Y28pudWQAADHgAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 533
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZMpC3hY46L-Ts4Y28pudWQAADHgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDYcvhJpJAHMDht6d2JtE8c&google_cver=1
Request Chain 535
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=U91oU8B11Qrams5
Request Chain 536
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=yO_OWMrpyAnT65UPxu-AW8vjmg7TvZ8Pn-L3G2k7
Request Chain 538
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=c33cc91b-fd30-36d8-9001da4b
Request Chain 540
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 541
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDczYjk3OWQ3M2VkMjQ0MmUzNWQ2ZjU4ZDkwYzUzYjE4NWE1MGI2Yg
Request Chain 542
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEP4FncFnhiCe4VorvQ69fO0&google_cver=1
Request Chain 543
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oGsezUhdTgOvU01ef8z8rw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oGsezUhdTgOvU01ef8z8rw
Request Chain 545
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/vmlYx7WehPp2SrxvJY36bMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Q.Bxr85E2oLHUyeHNxZ8U5bkET.B6sK2oeFaiA--~A
Request Chain 546
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=waposvIcSjCv0dQaZZaSTg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=waposvIcSjCv0dQaZZaSTg
Request Chain 547
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtUTzFFSUEtMUQtTUVLUw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGt0ed7yHO_2JKVVtdK4wR0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtUTzFFSUEtMUQtTUVLUw==&google_push=
Request Chain 549
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5594854542
Request Chain 551
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/5010584359958224364
Request Chain 554
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ev6oEwxfWd7YTbNoLO5b?pi=smilewanted&tc=1
Request Chain 557
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=c6780213fba4eaf93d58c3a20f3bf581
Request Chain 568
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3834717352970909905&gdpr=0&gdpr_consent=
Request Chain 569
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7262690891818072211&gdpr=0&gdpr_consent=
Request Chain 570
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=k1hVeDC4WaZja4O8TDTQD9ly2hg&gdpr=0&gdpr_consent=
Request Chain 572
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEcGtVN0psSVlBQUNjZGtTRHZkdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADpkU7JlIYAACcdkSDvdw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADpkU7JlIYAACcdkSDvdw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADpkU7JlIYAACcdkSDvdw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3986590336847046134&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADpkU7JlIYAACcdkSDvdw&gdpr=0&gdpr_consent=
Request Chain 574
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 575
  • https://pixel.onaudience.com/?partner=214&mapped=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=d260a5231f26a803d248d3371d65a5ee&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=804cb39095bbdaf8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D1 HTTP 302
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=5010584359958224364&gdpr=1 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=804cb39095bbdaf8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=88813a73-346f-4cef-5821-7e2d7347b981&reqId=779665fb-3a02-4480-6989-7eaccf5cd9be&zcluid=804cb39095bbdaf8&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAuWsv5aaltkSst6dNclwl0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=88813a73-346f-4cef-5821-7e2d7347b981&reqId=779665fb-3a02-4480-6989-7eaccf5cd9be&zcluid=804cb39095bbdaf8&zdid=1332
Request Chain 578
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a89279c2-b82c-4238-846a-41a30f2c2b62&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a89279c2-b82c-4238-846a-41a30f2c2b62&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=63385e41-6f73-4254-84a3-feecfd04a8fe&ssp=pubmatic&expires=30&user_group=5&bsw_param=a89279c2-b82c-4238-846a-41a30f2c2b62
Request Chain 580
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8215906233994764765&gdpr=0&gdpr_consent=&us_privacy=

583 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.walla.co.il/ 		578 KB
267 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
6a6ed8fb7eb7237c120e697c7ad190ebcf04ad1f286ae4e09cc4bfd7eb063ff7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=30
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 02 Aug 2023 11:49:46 GMT
etag
W/"909d8-aEIVZreGR4TOl2bdCtMKMv/CEcA"
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-id
T-3zFoR-qJjHCOjytDl0_2VVjqKpc_ChMlgFa2jbynBL8tZBRHBFrA==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-cached
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f342b37e775567bee8dd3fb781154db5f4a1ade6130a46b85188876ded56531
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28336
x-xss-protection
0
server
cafe
etag
462 / 19571 / 31076660 / config-hash: 16630778728147501911
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 02 Aug 2023 11:49:46 GMT
wallacoil-prod.js
cdn.valuad.cloud/hb/ 		1000 KB
273 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e422901370f2b04ac1984fe73e0b31bf8a8e5d3264aab45e45586e3818657e5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 01 Aug 2023 19:02:28 GMT
x-amz-request-id
tx00000000000000685da10-0064c9571e-3afd56f0-fra1a
etag
"bf0209bec7a8c0ba89572bd1d5f964f3"
x-envoy-upstream-healthchecked-cluster
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1690976986.dop203.fr8.t,1690976986.cds225.fr8.hn,1690976986.cds207.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
278664
loader.js
cdn.taboola.com/libtrc/wallail-walla/ 		798 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e253c035ba9ec55d5b9463864759e9b4519d5d24e2b3ed1f0b09199e662dbceb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
YCfoYqmTCo__WElUjaCGJofk3Nh4iAWE
content-encoding
gzip
via
1.1 varnish
date
Wed, 02 Aug 2023 11:49:46 GMT
x-amz-request-id
47GSW3CJYK7P7A4G
age
106
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
64462
x-amz-id-2
IB0M3rVGnGSNrhb3DBlSbO0LlvAxGY7hldNSAEiQfEq5SGAhWadaEJ5eYrP+Y+TvCU3MD2UB1Yc=
x-served-by
cache-cph2320025-CPH
last-modified
Tue, 01 Aug 2023 14:22:29 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690976987.856591,VS0,VE1
etag
"44429a3ab669221283c6b06099f418ab"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
93
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8A) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Wed, 02 Aug 2023 11:49:46 GMT
Content-Encoding
gzip
Age
1188
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (amb/6B8A)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
gtm.js
www.googletagmanager.com/ 		468 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
afe8eb324ec4e60aa70cad58ceeb9630c7d7fb27d1e367c1bbb4338a9bb2fb33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104013
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 02 Aug 2023 11:49:46 GMT
gtm.js
www.googletagmanager.com/ 		422 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b6a9f2ffcdb9f912a7aedfcd1a86a159a38f7f592edec6f6d2623b079d94c5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69141
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 02 Aug 2023 11:49:46 GMT
js
www.googletagmanager.com/gtag/ 		197 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd761999e95a96d74a3853a66f59b6c360d58e26f46d5bd382ba0660246e2832
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71842
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 02 Aug 2023 11:49:46 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 02 Aug 2023 11:44:24 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
322
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 02 Aug 2023 13:44:24 GMT
dmp-provider.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		208 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-86.ams54.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
8a617d5238d3f9c742fe845ee5a9821bcb8f741d3dac12ad327dd86907822a8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 12:30:37 GMT
content-encoding
br
via
1.1 23776effa8a63b2e2dccd702e73b0c86.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
AMS54-C1
age
83949
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
M7GiJR7PqLpI4nq4cw9J3ulwQGMnKhi_S-WChuVCovibpBp2sj0wqQ==
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1a00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0ca578004c17a038ab0b78306e6bf07a05fd2f4617cd4d2c9b774ef09b796a1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 18:39:00 GMT
content-encoding
gzip
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:35:23 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
61846
etag
W/"649b804b-9482"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
wxpUd-cHPd_7pt7hQmqzN78lElUDTG6tF_MV5ZX1ALYKsHUAFK356A==
expires
Wed, 02 Aug 2023 18:39:00 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1a00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:21:05 GMT
content-encoding
gzip
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
37721
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
ttm6kdB8Pkxw5eqBmuigUvGh4UAP0tXKWrZeQBD4UhkfBgcg3ZWyiA==
expires
Thu, 03 Aug 2023 01:21:05 GMT
new-logo-mobile.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
967 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"473-189b5f28448"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
baphQ8Gd1NZJfL2afpgIuVhD_dJHSHHI5Kxk-IqTeQhKOsaoaMk-MQ==
x-cached
HIT
icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"7ee-189b5f28448"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
XVCz2dzfTDYnwhbzXsQIiabJZkE_bRTe1qosqHcCi1LtjAaoauiocA==
x-cached
HIT
icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 		464 B
821 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"1d0-189b5f28448"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
464
x-cached
HIT
x-amz-cf-id
xIMf1bsiDNa5cRscXM5rbEecVzqEm6e925R7sATTyFI3IHQ4oy32Nw==
new-logo.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"492-189b5f28448"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
ebH16Ez2dfcCLeUqPO8l755F7926Qb8CQmzl_TvffwMQTncZIvg3Qw==
x-cached
HIT
allay-icon.svg
www.walla.co.il/public/assets/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"c00-189b5f28448"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
p6CEya7lKYbDRob6sYFmhGcRQjT3p7Mu9DgcbDRvh_KQodjo1cPZMA==
x-cached
HIT
tiktok.svg
www.walla.co.il/public/assets/navigation/ 		628 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/tiktok.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"274-189b5f28448"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
628
x-cached
HIT
x-amz-cf-id
RIoWV8pZh-pNc_09o-CE0lXKdoXWiA0k1_faT5YHsoDiTZWMMPQG9Q==
insta.svg
www.walla.co.il/public/assets/navigation/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/insta.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"79e-189b5f28448"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
RZAVgZBaf6lYHuEDKaLiN-IajoZz3dlf2Es5ch9C1hokXzVEVhMECQ==
x-cached
HIT
twitter.svg
www.walla.co.il/public/assets/navigation/ 		1004 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/twitter.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"3ec-189b5f28448"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
nMU_PO2DYxyvj0p1El0iz0LAEvhjmJ_PtKl-0BIvV4XEGY5f7LJCmQ==
x-cached
HIT
facebook.svg
www.walla.co.il/public/assets/navigation/ 		471 B
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/facebook.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"1d7-189b5f28448"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
471
x-cached
HIT
x-amz-cf-id
RwtYI5STTBz9-ZsMyoa5nMQVDbVsroEEdMBMzlFZi-JLU-Iy7oSMwA==
3559629-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/5/5/9/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/5/5/9/3559629-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2dda23d88c847231d28401a1418c049d4b3bc3c136a958ffaaf2a19602a5db29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 10:51:16 GMT
via
1.1 google
age
3510
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107737
google.gif
www.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/google.gif
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"5b6-189b5f28448"
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1462
x-cached
MISS
x-amz-cf-id
PRnlJYoo5w9EDrs5gxLgjqwbW0pE6jLNZa38YBrBgajIJKPPdyn1Dg==
icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 		743 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"2e7-189b5f28448"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
743
x-cached
MISS
x-amz-cf-id
yga2T8M4B8Mlh7EEnXD4jXay1o0bQ8-BEUoOW1pdgEwfCGm5Cyql5g==
icon-5-g.svg
www.walla.co.il/public/assets/icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-5-g.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"b30-189b5f28448"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
mP73biAaS_AQooW_ZNZXyNhf4PX1e2f6Kni9Q_8dfOeixBU4XtIftA==
x-cached
MISS
icon-wather.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"85c-189b5f28448"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
RimP4XcBOlHIsIfz1JVHzXCFdKblhQ8WO6-CTN-zhaNuK2KYVzgvdw==
x-cached
MISS
icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"5f6-189b5f28448"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
xoDfgH5TSdTlvWI5IYBUanqxcysms3TiiF2yzA9T306FelDs_6Ob3w==
x-cached
MISS
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"e954-189b5f28448"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
HIT
x-amz-cf-id
mw0O2rmpLJqtfluYcGypXZLIDZbQ5twmuSQpmZifG-r_GT5JUPKeOw==
almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"ea00-189b5f28448"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59904
x-cached
HIT
x-amz-cf-id
YcT4YSVPOlBmoG0m0GOD9lx_2G6P46TwKr1RAmxROcMaA_h0K9zNnw==
almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"e770-189b5f28448"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
HIT
x-amz-cf-id
eyi-X23P1k0Yvy-uEty1q4F1IGmWE5MEP6KvRkYIn7-NXwtigvofNw==
almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"e7c0-189b5f28448"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
HIT
x-amz-cf-id
4k9z8B1yBsvK6ZBqcIAt_x-bBRaHmWvs3Jxhnml48UtM9IuSP7AkEw==
invalid-name2.svg
www.walla.co.il/public/assets/shivuki/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"834-189b5f28448"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
o0fL-MLFrOp7_vEg9y4v6R9jZy4didjAV_NVgBD3Yp0nmUk8OGcMxw==
x-cached
HIT
3576517-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/7/6/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/7/6/3576517-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
623fc8e358a6564dcebbe993a5feb5f624eddc9385997761e2fbcf7caf06732b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:01:42 GMT
via
1.1 google
age
46084
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16456
3562598-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/6/2/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/6/2/3562598-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
04af9b5f5e7d4140b6b8e4610c0f93714093f9f7bfe6df57766f70a4caf8c80d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:53:34 GMT
via
1.1 google
age
71772
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30042
3125231-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/1/2/5/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/1/2/5/3125231-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
188aae7cbef4f04bc49f96b816c3ca8e442f9c649d0318906ac30439706a3552

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:02:26 GMT
via
1.1 google
age
46040
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8409
logo_walla+.png
www.walla.co.il/public/assets/homepage2/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/logo_walla+.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
301bf90c72cd880946376981a30c087ebfdb02bf1a96780e311b7c48a0ed03a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"26ba-189b5f28448"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
9914
x-cached
HIT
x-amz-cf-id
Nyd5Hp369eKDvdOyVBXwrxUDn0_M8EAYvnRLlAs_ntbRbfghnpmsnQ==
3564816-46.mp4
images.wcdn.co.il/q_auto,w_300,t_18/3/5/6/4/ 		833 KB
834 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/q_auto,w_300,t_18/3/5/6/4/3564816-46.mp4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
69ccee7561324d62b56186f49876111b90537a9024fb41bc662c9ef11166fd34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 13:36:53 GMT
via
1.1 google
age
79973
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
853482
3572038-46.mp4
images.wcdn.co.il/q_auto,w_300,t_18/3/5/7/2/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/q_auto,w_300,t_18/3/5/7/2/3572038-46.mp4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
a59afcb6bf5166e0e0687c864e8e8141c61560e5ed467cd217c450c1cb459845

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 15:51:15 GMT
via
1.1 google
age
71911
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74084
3569683-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/6/9/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/6/9/3569683-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
bcb119f96a9e5068c249668908f679d111bbde0867559eb59673e5e2a0340dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:56:17 GMT
via
1.1 google
age
64409
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14654
3933_4af9f32aa5600d50a1e5_4af9f32aa5600d50a1e5_walla.js
www.walla.co.il/public/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3933_4af9f32aa5600d50a1e5_4af9f32aa5600d50a1e5_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
0cbdcc7e5bc4af4fa7963965c349288c941fddde011311ab6e16a70a98df7dc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:14:31 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"307b-189b5f4ddd8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
jSs72H4B4iYI5u14YH5V-n-TqjZLZCSAwSegRikxK26pKYfQ3PjVdA==
x-cached
MISS
2415_1964ea1482fc9bb00b2a_1964ea1482fc9bb00b2a_walla.js
www.walla.co.il/public/ 		310 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/2415_1964ea1482fc9bb00b2a_1964ea1482fc9bb00b2a_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
fba5c7d3750000b669c9c3bd2d7fa3bd1eb6a1dc564a9752c4116ad0f7562c1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:14:31 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"4d9e4-189b5f4ddd8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
gV3Lb0blBUgEGbUhSv1xNG8RD8uwH_fphTElIR_P9BDKNL2JrYjGeQ==
x-cached
HIT
main_570878f1c34a63f3c703_570878f1c34a63f3c703_walla.js
www.walla.co.il/public/ 		995 KB
221 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/main_570878f1c34a63f3c703_570878f1c34a63f3c703_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
0266f1413b772dfa298d717f940a6a36ba5fc069c6bb2d19fcae93ee15d773fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:14:31 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"f8d87-189b5f4ddd8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
Wuu19rhn8bk8bEbhPfiIRXMd296e2CZwM4OGgV_h_m2BoLD-Qv1Eiw==
x-cached
HIT
9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
www.walla.co.il/public/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:14:31 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"6b6b-189b5f4ddd8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
N_wvZKR-9dQ-V4ePwS25HizJM2-mOGvxUsih9aUXRk8QtqOM_6SyGg==
x-cached
HIT
homepage_63f4721d7ae5adac60b1_63f4721d7ae5adac60b1_walla.js
www.walla.co.il/public/ 		217 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/homepage_63f4721d7ae5adac60b1_63f4721d7ae5adac60b1_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e6d6defa67b3b89cb20b719ccc49bf489ab3fc19a0426620b55d513859c5acca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:14:31 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"362a2-189b5f4ddd8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
cXJbC0x8INYelyjGaFutwAyLmm1Yr0gdEshLDiEMrS-dE5k3QVuDAg==
x-cached
HIT
recorder.js
web-sdk.smartlook.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ef39d0d27b499b0fe070bd0961dbd9ca1aeb0ada339c62fe14dc65177d4c3f96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 02 Aug 2023 11:49:46 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
575
x-accel-date
1690976411
x-77-nzt
AcO1qhE/p9//PwIAAA
x-accel-expires
@1690977011
last-modified
Wed, 02 Aug 2023 09:33:40 GMT
server
CDN77-Turbo
etag
W/"64ca22f4-10f6"
x-77-nzt-ray
4c15622428de12cbda42ca647b7f7439
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"3bdc-189b5f28448"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
HIT
x-amz-cf-id
5WqpDvpxvPqJjIiPH0AZTVlRK5kJrGLe3qeQUvlwQvdVC41kB1fTwQ==
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=Dj5g6eDO0eCdBTNNv1&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11445&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.walla.co.il%2F&b=284&t=BOaChzDisRA0CMBS6CLO71VDj4XiO&V=140&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&tz=0&sn=1&sv=UcPd8DjhC7vBEVtTKBi0y7TEawSj&sd=1&im=067b2fff&_
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.223.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-223-114.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-86.ams54.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
age
83909
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Tue, 01 Aug 2023 12:31:18 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront)
x-amz-cf-id
6qLXVDOijMAGRY2_-YbUGbajxKgETuGpgwldM3KrGEBm8xtmFWEkdg==
x-amz-cf-pop
AMS54-C1
x-cache
Hit from cloudfront
bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2023-08-02
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
kahoona-idx-live.js
d2r08ja41ypc0t.cloudfront.net/WALLA/ 		52 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:aa00:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9dc28caa0fca7a160f2f4c9907725629603a32a137934e5cdcc2652323f637

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
ij0H4Ovav57a0UP4tyuRnZhuK0a2LmIu
date
Tue, 01 Aug 2023 14:53:13 GMT
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 15:24:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
75397
x-amz-server-side-encryption
AES256
etag
"ac76f968cf4a4fbbb4cd41cc0f5c401c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
52
x-amz-cf-id
NNolNsQC7idRWvr7tupyoYhzVq78qDDXUpVHRy9-4CJ58sSFBlGlKw==
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
319 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-86.ams54.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/javascript

Response headers

date
Tue, 01 Aug 2023 12:30:57 GMT
via
1.1 23776effa8a63b2e2dccd702e73b0c86.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
AMS54-C1
age
83930
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
PSAr6kAxLGmEeSkT0A_t-z6Lr03Ra0C-XITkhehkme5rGhYvi1QnYw==
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-86.ams54.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/javascript

Response headers

date
Tue, 01 Aug 2023 12:30:57 GMT
via
1.1 23776effa8a63b2e2dccd702e73b0c86.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
AMS54-C1
age
83930
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
CVXFgjdG-hKpHc1cG82g3xV-BuSMIkxIDB6vOS7FRFXI2B8jHsGo7Q==
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-86.ams54.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
age
83908
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Tue, 01 Aug 2023 12:31:19 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 a668b79ea8c4f6f5d611c57b44351ff0.cloudfront.net (CloudFront)
x-amz-cf-id
-831KcBd-2uKyN3kO8YaEkHoPyolHc5VHfo5RwCmTCNlOkRheEdjzg==
x-amz-cf-pop
AMS54-C1
x-cache
Hit from cloudfront
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		24 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f2448fbc7bf766266d8b9053417d658c80147317e470c85cfab33de5970a7df0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-cache-hits
1
date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
6
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3824
x-served-by
cache-fra-eddf8230037-FRA
x-timer
S1690976987.043714,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 31 Jul 2023 11:49:40 GMT
fbevents.js
connect.facebook.net/en_US/ 		172 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c99ff58c3dc4deb821c87dc9c45aed4af66541ceb1b0f62ec208114ffc37dbf4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 02 Aug 2023 11:49:47 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47198
x-xss-protection
0
pragma
public
x-fb-debug
ZeJOX5E4B/kHiz8ZKqsXzBguMc76CN1XLfC3+R75TIu9Fp4/j52+xHzRoM+FlsZ8wwhcACgiRA/cYmyPu9+PbQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		197 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11170679829&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9117bb06a9e660dd06c258479ab33e8471275667432fe5c5349e6f2e68b0e673
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71827
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 02 Aug 2023 11:49:47 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/ 		398 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 10:36:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
4404
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129167
x-xss-protection
0
server
cafe
etag
5057873641579568274
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 01 Aug 2024 10:36:23 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/?random=1690976987086&cv=11&fst=1690976987086&bg=ffffff&guid=ON&async=1&gtm=45be37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&auid=1150359355.1690976987&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8df52b241467596315f4089dd46ce5cb7432aa39f10fd7fb913fa74a8e200f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1380
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 02 Aug 2023 11:49:47 GMT
server
Google Frontend
x-cloud-trace-context
afe44ff1f878b5f260c17739569578bb
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
x-request-id
b9f42ce7-e485-45df-b493-b22993b2d9a6
x-vad-version
0.13.7

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
69abb54288964a9c01ad61e328c1b485
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64
x-request-id
undefined
mab
mabping.chartbeat.net/ping/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=gmEac6NcDlB3a&v=A&ml=m&sl=DtkCPJ&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=5kL2gh5jAfaHI&v=A&ml=m&sl=BZKHyA&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=C6IvCUrUQ0IFI&v=A&ml=m&sl=DQnir6&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=FoFHoMcjoR0Kl&v=B&ml=m&sl=DaM_qv,tmu_u&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=iM7KNyn9aRGdm&v=B&ml=m&sl=DgSW_v&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=eJbHmNnNs20GC&v=B&ml=m&sl=DGOivD&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=B2uk5iF825wsb&v=B&ml=m&sl=BbO3x3&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=01rasLLYltkCz&v=A&ml=m&sl=CVXHKS&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=TZHNS9Vo1p356&v=A&ml=m&sl=q_SnD&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=NSczno3rBXqYU&v=A&ml=m&sl=o9Ev7&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=MBWevr6ZfUrXP&v=A&ml=m&sl=-22eh&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=S9hpfDjdCttYD&v=C&ml=m&sl=BPLh_S&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=ewzlCgeBM1VFB&v=A&ml=m&sl=BGCnLg&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=KBpjxi2VTo9fp&v=C&ml=m&sl=CHLr0J&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=VMh646AKA2anN&v=B&ml=m&sl=D_3n_Y&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=ztmk2fe8rxKWf&v=A&ml=m&sl=B5HNky,CTntTQ&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&x=mobatJAvfThpv&v=A&ml=m&sl=BkqKo-&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&me=3&ml=m&x=l0V0tJc1fSU5P
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=Dj5g6eDO0eCdBTNNv1&c=0&V=140&me=3&ml=m&x=BiiAErlnnE7mO
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=144338807&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=1864989507&gjid=1622475021&cid=2119126147.1690976987&tid=UA-4780630-1&_gid=1300387108.1690976987&_r=1&_slc=1&gtm=45He37v0n71T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd117=&cd118=&cd119=&cd120=&cd121=&cd122=gtm.js&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&z=2052221229
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/777956447/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/777956447/?random=1690976987202&cv=11&fst=1690976987202&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&bttype=purchase&auid=1150359355.1690976987&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
6fea3890606d1f2885c18e3675b18d1219297ee5cdc16847d9a66598b88fcf8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1684
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8ff0571e454b75517b28b02b1749dbcafa80d1cf6c4786c8fc45ee6f3fd13bcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18398
x-xss-protection
0
server
cafe
etag
17414105932935890869
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 02 Aug 2023 11:49:47 GMT
adoric.js
12890047.adoric-om.com/ 		194 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://12890047.adoric-om.com/adoric.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4bfea87f3fe4c0b0a5d33c60faa33b58eca3268bd26fd58cd300bef6f0833ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 google
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
564
x-dns-prefetch-control
off
content-range
bytes 50-10000/*
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-adoric-api-version
9.0.1
server
cloudflare
etag
W/"3090e-1EbMsK3eYKhvriHZIgACI2Ja1zQ"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
movetogcp2020.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EyD7nVWJiR%2Fal%2B14BaIU8xIhWzzkx1W3rnVW%2BXWNXXF0jfUgbMiXrwBijYN8km1pnud3d6pfh9YD2m2U9Y3MR0H7sex6gS0t8BDyJEkNmr8AEQlhQXlYC3FYuqBTfzdpbgUdU9whFl99SRQox2E1xUKEp6e"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
*
vary
Accept-Encoding
cf-ray
7f06197a7ca11a6d-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
js
www.googletagmanager.com/gtag/ 		218 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6871e1e6f366d0b46b9cc9beceaa98d41f0915196224700fcc5ca8a5006a330b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78718
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 02 Aug 2023 11:49:47 GMT
js
www.googletagmanager.com/gtag/ 		192 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eac5e525a8d45ece425cf093c119ef849bed34c925860a53c9120ac544bb6190
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72120
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 02 Aug 2023 11:49:47 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 468A 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB8) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
418805
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Wed, 02 Aug 2023 11:49:47 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BB8)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
dmp-main.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		221 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-86.ams54.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
52d4d3b3926d9a304dbf75982d78cb25f5242c4a2e87906724f0db762d87ff01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 12:30:36 GMT
content-encoding
br
via
1.1 23776effa8a63b2e2dccd702e73b0c86.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
AMS54-C1
age
83951
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
89_PZzEvbZQMHCKzctaSLIJH0yOZgj1-RHjnz-lpmcMZp9LwTdNQWw==
json
pro.ip-api.com/ 		20 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json?key=ay3FPSS6OcBXPHg&fields=countryCode
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/2415_1964ea1482fc9bb00b2a_1964ea1482fc9bb00b2a_walla.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 02 Aug 2023 11:49:47 GMT
Content-Length
20
Content-Type
application/json; charset=utf-8
3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
www.walla.co.il/public/ 		123 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_570878f1c34a63f3c703_570878f1c34a63f3c703_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:14:31 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"1eb65-189b5f4ddd8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
PKHOpAKQgTuBFJL96NNFeUFL9CxHA65hjXPTNFnLqPMqLkWYy657SA==
x-cached
HIT
PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_570878f1c34a63f3c703_570878f1c34a63f3c703_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:14:31 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"cfe-189b5f4ddd8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
0oC0Zf_mpPLDM22drSgLzrf4zEpZ_1-uDibaiRJopGoFkVziJd-53w==
x-cached
MISS
load.js
pm-widget.taboola.com/wallail-walla/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef9f4e5595c87f7bab17859c9e649bc27a66aae8e407d0c72b179a336f6be282

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
Nc3GQX_FPWE4JJa4d6ElLMboprgduwrj
content-encoding
gzip
via
1.1 varnish
date
Wed, 02 Aug 2023 11:49:47 GMT
x-amz-request-id
X4847TPR9PNHCBV4
age
1108
x-cache
HIT
fastly-restarts
1
x-amz-id-2
73VtQszz6KZNpC0lNAFh+u4hZNP8e6kX5HPQrwANnZ6yyKeSZ+ZJr8qg+kyzSH/UsQwbQiQRUO0=
x-served-by
cache-cph2320025-CPH
content-length
1107
last-modified
Tue, 18 Apr 2023 12:24:46 GMT
server
AmazonS3
x-timer
S1690976988.656928,VS0,VE1
etag
"ba233cf579e81e13395451d440481864"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
impl.20230731-6-RELEASE.js
cdn.taboola.com/libtrc/ 		790 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230731-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
893b8c01f38f7d5ba1525463505f7c6301efdf0cd7489f1e5d35e89553cb3799

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
Ex.K7FFozEmS_WDLe_IOzXVJF5RsvOX7
content-encoding
br
via
1.1 varnish
date
Wed, 02 Aug 2023 11:49:47 GMT
x-amz-request-id
8VP3NH7EFFP8DN04
age
8825
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
167366
x-amz-id-2
H7MDiioYlgcmftljF2SRnaWBEU3rkMz/MPoYlXHsuB/4K0nTc73F9g/P8LCFqjhy0hgjdJFSsJE=
x-served-by
cache-cph2320025-CPH
last-modified
Mon, 31 Jul 2023 09:22:39 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690976988.650874,VS0,VE0
etag
"16731059c2be671607df18f11e63f027"
vary
Accept-Encoding
content-type
application/javascript
abp
86
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
536
2323
dal.walla.co.il/editor/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dal.walla.co.il/editor/2323?from=www.walla.co.il
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/2415_1964ea1482fc9bb00b2a_1964ea1482fc9bb00b2a_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-97.ams54.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
98170f42a67dfc5eaba4006c5070ceb7898869e05dd4e99c4b79607ca44c5cd2

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:17 GMT
content-encoding
gzip
via
1.1 b619a16f6f8fe9793bf642d2a8434284.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
30
x-srkey
9ca383bf7f5c06689b373a08cfd03266
x-cache
Hit from cloudfront
x-cached
HIT
pragma
cache
server
openresty/1.15.8.1
x-speed
0.0345940590
vary
Accept-Encoding
x-hostname
6b64c09fac30
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
x-ip-x
74.101.99.112, 64.252.66.189
x-ip-r
10.30.21.128
cache-control
max-age=60
x-amz-cf-id
zLFyEo1VaEqVVNAZm-igi-niry15Q1Q_XJ6bQtZlnPOqSRcIz_PNLg==
expires
Wed, 02 Aug 2023 11:49:41 GMT
7309_9e237d99c75cf4f9de9e_9e237d99c75cf4f9de9e_walla.js
www.walla.co.il/public/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/7309_9e237d99c75cf4f9de9e_9e237d99c75cf4f9de9e_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_570878f1c34a63f3c703_570878f1c34a63f3c703_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
02b9a34773ec700d23a92657536ca41b37bdd6012f2604ed935ebc25b5cbccd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:14:31 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"ae04-189b5f4ddd8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
zjO9Zy0J3fPcZwIYVjYQovG1XCXXx_fDHRqyzhwakGkeoikVOzoCRA==
x-cached
MISS
player.html
www.walla.co.il/public/ Frame 0EA1 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/2415_1964ea1482fc9bb00b2a_1964ea1482fc9bb00b2a_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
359771d066a0d128f3cd23649852281933721b7af09cd672b096fbdc6fae98b2

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 02 Aug 2023 11:49:47 GMT
etag
W/"b90-189b5f4ddd8"
last-modified
Wed, 02 Aug 2023 11:14:31 GMT
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
x-amz-cf-id
mZ1aG3wgkJma5bKrrTRCcA_kcOX5ZpX83ZLZikCnHHQ65NEPDL2teQ==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-cached
MISS
video.webp
www.walla.co.il/public/assets/icons/homepage3/ 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage3/video.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"3a2-189b5f28448"
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
930
x-cached
HIT
x-amz-cf-id
8B7MSaVN4Xx9oMAN8ye3gD-k0YWzCqR-N-me6atBGv6H-r4uRZg0fw==
1626_f5f3b35c90a142b6399c_f5f3b35c90a142b6399c_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/1626_f5f3b35c90a142b6399c_f5f3b35c90a142b6399c_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_570878f1c34a63f3c703_570878f1c34a63f3c703_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
b3eac0550b379114427c1361eccd17319ca02132838d4f93b2d39666c2ba53a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:14:31 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"c35-189b5f4ddd8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
DjccOsCspJAp4I3LTWGUnpOR9cvI2AXoT4AXtcUbT27E-m0BkGqQNw==
x-cached
MISS
close.png
www.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/ads/close.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"46c-189b5f28448"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1132
x-cached
MISS
x-amz-cf-id
AUnpbSYMEUXr00K_OdjO2p5Cb-xJuaiwBdArwEQyfpgmRs1eITdwHw==
3277672-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/2/7/7/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/2/7/7/3277672-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
ff1c52f99eac10c8308421f138f6220b2efb8dbb3627e48a694a0d49170fff3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 03:33:42 GMT
via
1.1 google
age
29765
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43916
3579630-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/7/9/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/7/9/3579630-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e95eb0ba4673316cb69bd8c40117241231ed026963e9cb5bd3b877308f8d8763

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:06:36 GMT
via
1.1 google
age
2591
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7672
3579494-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/7/9/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/7/9/3579494-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
f6473010cd957f90c8cd325638af7ca00d5fc3375d74dff6df8b99df4b7eb3b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 10:16:30 GMT
via
1.1 google
age
5597
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4490
3576738-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/7/6/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/7/6/3576738-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6e280428a44bc882ae26b470a2db85b137a53cbc4dbc44e29f83b813f66cb22c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 08:12:12 GMT
via
1.1 google
age
13055
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6252
3573571-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/7/3/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/7/3/3573571-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e2bd61e16123fb9afc53c76006634fa509a1a41547523f66f07e562e72926efb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 07:35:49 GMT
via
1.1 google
age
15238
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7710
init.74946084e8628b267740.js
web-sdk.smartlook.com/es6/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/es6/init.74946084e8628b267740.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d5c2f46f6fa1c65285c59762ea527a94eae3baa7e84969e11dcc2b8000bc79dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 02 Aug 2023 11:49:47 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
5214
x-accel-date
1690971773
x-77-nzt
AcO1qhE+PYz/XhQAAA
x-accel-expires
@1722507773
last-modified
Wed, 02 Aug 2023 09:33:40 GMT
server
CDN77-Turbo
etag
W/"64ca22f4-f2aa"
x-77-nzt-ray
4c156224c3e9c8dcdb42ca64e89b9b2a
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
170717926997655
connect.facebook.net/signals/config/ 		378 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.120&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4db5d5660210b1bc58a19565f20f97404656f988862ee06b4e3578c5a3b8085b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 02 Aug 2023 11:49:47 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110316
x-xss-protection
0
pragma
public
x-fb-debug
grN7UmHbpgScm8WZhCrB4AU/F14fHFI7rS8qIET0KUeVS52PD5QCoKPijx5lSCBw3Jy7sPlV7aO885bYY7C8tA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4780630-1&cid=2119126147.1690976987&jid=1864989507&gjid=1622475021&_gid=1300387108.1690976987&_u=aEBAAEAAEAAAACAAI~&z=1799521993
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 02 Aug 2023 11:49:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame 468A 		869 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=a2f8f77a79481907677737f6c02820751292fe5b
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-response-time
114
date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Wed, 02 Aug 2023 11:49:47 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
c60c734175b059d1
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
a9108acdc4da179f2365d6b179073c7353c30bdd873389838c858b5671ef1707
content-length
337
3933_4af9f32aa5600d50a1e5_4af9f32aa5600d50a1e5_walla.js
www.walla.co.il/public/ Frame 0EA1 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3933_4af9f32aa5600d50a1e5_4af9f32aa5600d50a1e5_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
0cbdcc7e5bc4af4fa7963965c349288c941fddde011311ab6e16a70a98df7dc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:46 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:14:31 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
1
etag
W/"307b-189b5f4ddd8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
b6WTZDZPcc1VFqVMNWv678bJ9pgfb4bNONw-drmDf6R6Wz55LkJehw==
x-cached
MISS
9330_f4446c29729bfb4db823_f4446c29729bfb4db823_walla.js
www.walla.co.il/public/ Frame 0EA1 		725 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/9330_f4446c29729bfb4db823_f4446c29729bfb4db823_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
795a830b0b31bbb525291b12e54586cc1a04986b913e6354a10cf03a17189e2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:14:31 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"b558b-189b5f4ddd8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
iI64KAv89-cZO6QmsEhKYW9KYFPnNB2VL7K6otgZAPAlggF7KFsyHg==
x-cached
HIT
player_445607a52df06e395055_445607a52df06e395055_walla.js
www.walla.co.il/public/ Frame 0EA1 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player_445607a52df06e395055_445607a52df06e395055_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
d5cd01e2ad16f34488c095f6c25f3c891c6a29419368f96fba0b28cab42789f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
gzip
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:14:31 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"7724-189b5f4ddd8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
VxAOh2jiB5jFXe51C6Mcxk4pWCMXWVBJd_7_R02Aqa3PvWapsSCaIg==
x-cached
MISS
/
www.google.com/pagead/1p-user-list/11170679829/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11170679829/?random=1690976987086&cv=11&fst=1690974000000&bg=ffffff&guid=ON&async=1&gtm=45be37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1000935356&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11170679829/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/11170679829/?random=1690976987086&cv=11&fst=1690974000000&bg=ffffff&guid=ON&async=1&gtm=45be37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1000935356&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
via
1.1 google, 1.1 google
last-modified
Wed, 05 Jul 2023 19:08:57 GMT
server
Google Frontend
etag
6c49a4094d9a446bdc7fe3d19d23b4c7
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
641693fc3e556234fc82ee4ffad7f491
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 02:34:21 GMT
content-encoding
gzip
via
1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
33327
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
6-Mv2UjzgFI_oJlvnDQUqd2lZG9zTlC85UL6U3TnSMsL9-wsFEZwaw==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c000:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
null
Date
Wed, 02 Aug 2023 02:42:23 GMT
Via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
Age
37402
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
xnZUI3uAkwxS6hTW5fGEn67ftrBMqgH-ZnXWYkUM-Qkmk6rsqHtEZQ==
esp.js
cdn.id5-sync.com/api/1.0/ 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Jun 2023 08:35:03 GMT
server
cloudflare
x-amz-request-id
KQFF0FWPP4C17CP6
age
2950
etag
W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7f06197e198c37c6-FRA
x-amz-id-2
8HczqSS59NC5+bMgvklOJToJ5CbRskupftalLHCw5wQPI4bAuQkMqhcD6kfepdHSTAjOpZlv/QM=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11443
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230037-FRA, cache-yyz4557-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MeXMj5E9QuFwio%2F3V8dnm0q%2FjbjlID%2BVw6roUK7GtgEPCmIQhSUDRexdAb%2FovxqxvgI5BYHIN93Cv%2BRp2Br33o9sZzfuiL%2BHW8D%2BP2DUPOIEoXTV8zEdnH53MQqIYxfgMWgGGtBv4NZaTGNzmqk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f06197e1f1e9052-FRA
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 11:49:47 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 02:29:26 GMT
content-encoding
gzip
age
465621
x-guploader-uploadid
ADPycdtgQcQ5-IXNGnj-bizVFPypnO5rWXUHHepVnzEiAeMz7KZUZ57OqZuzfW-lDA7aFwUvM3c09LWW8P8XbazHPZIusw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 27 Jul 2024 02:29:26 GMT
ob.js
cdn-ima.33across.com/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca372f1d4ced7e2a37e83eb5b880159ba569a4fbf613b9cc2894a6c8726c13f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 20 Jul 2023 17:46:36 GMT
server
cloudflare
age
62469
etag
W/"64b972fc-a13f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7f06197e295e9bf4-FRA
expires
Thu, 03 Aug 2023 11:49:47 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=45je37v0&_p=144338807&cid=2119126147.1690976987&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&sid=1690976987&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&en=page_view&_fv=1&_ss=1&ep.ga_client_id=&epn.vertical_id=173&ep.vertical_name=%D7%95%D7%95%D7%90%D7%9C%D7%94&ep.category_id=&ep.item_id=&ep.item_type=&ep.item_publication_date=&ep.item_last_update=&ep.content_provider=&ep.item_title=&ep.item_author=&ep.hostname=walla.co.il&ep.item_sections_words_count=&ep.tags=&ep.editor=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TSQY5YTYZ0&gtm=45je37v0&_p=144338807&cid=2119126147.1690976987&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690976987&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/777956447/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=844805792&cv=11&fst=1690976987202&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.w...
  • https://www.google.com/pagead/1p-conversion/777956447/?random=844805792&cv=11&fst=1690976987202&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=m...
  • https://www.google.de/pagead/1p-conversion/777956447/?random=844805792&cv=11&fst=1690976987202&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZ...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/777956447/?random=844805792&cv=11&fst=1690976987202&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1150359355.1690976987&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOFAybnBnWVFyNDdXamNYaWpiZGFFaVlBQkdxMlB2SVJDbWJLdGpCSUZsSVF4Ukcyei0ydjVWYzloYm9WTHRKR0s3WkpJNTFtS1EaWkNoRUk4UDJucGdZUXBMRFQyX3FNN2ZqZEFSSXVBTlpQRjJ0eGswU3lYY2RIRjFlODdVbUppWmRpSERnMExLTlpMajB1NUYxdDRHYUR5eG5iNUhPUVk5NHMtdyITCIf0mpX0vYADFTDTOwIdGFMECQ&is_vtc=1&ocp_id=20LKZMeaErCm78EPmKaRSA&cid=CAQSKQBpAlJWoq2Quqb607BvHsW0WpD1Q_PUsET9C7V753fG8NINf2uoDe3T&eitems=ChEI8P2npgYQ0rj6l7-EhvnvARIdAPvj3UPohDMevj36mm48F-imBFfmPZfbYHybZW4&random=4044450528&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/777956447/?random=844805792&cv=11&fst=1690976987202&bg=ffffff&guid=ON&async=1&gtm=45He37v0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1150359355.1690976987&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOFAybnBnWVFyNDdXamNYaWpiZGFFaVlBQkdxMlB2SVJDbWJLdGpCSUZsSVF4Ukcyei0ydjVWYzloYm9WTHRKR0s3WkpJNTFtS1EaWkNoRUk4UDJucGdZUXBMRFQyX3FNN2ZqZEFSSXVBTlpQRjJ0eGswU3lYY2RIRjFlODdVbUppWmRpSERnMExLTlpMajB1NUYxdDRHYUR5eG5iNUhPUVk5NHMtdyITCIf0mpX0vYADFTDTOwIdGFMECQ&is_vtc=1&ocp_id=20LKZMeaErCm78EPmKaRSA&cid=CAQSKQBpAlJWoq2Quqb607BvHsW0WpD1Q_PUsET9C7V753fG8NINf2uoDe3T&eitems=ChEI8P2npgYQ0rj6l7-EhvnvARIdAPvj3UPohDMevj36mm48F-imBFfmPZfbYHybZW4&random=4044450528&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1690976987843&cv=9&fst=1690976987843&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f64ba588cf6d908d3aa14724b4e34ccce4e6d6eb29e5767839659b766e11981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1442
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adoric.v9.min.css
static.adoric.com/ 		163 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.adoric.com/adoric.v9.min.css
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ecf4282b8bf7972fef393a13e12bf34447d1020801384e2ce514e7013b0e653

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
139
x-guploader-uploadid
ADPycdt_vT--1w6tzpin7tIMAvMz-J_84sz-d8apFWBZv49SmQ2TiKhiUbHytALOFwQji8ZAw5k1Aja6wiMWZ_nMVcGdPA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Jul 2023 12:50:58 GMT
server
cloudflare
etag
W/"2a08f190e2ba4887ce2a7c8a2178a2df"
vary
Accept-Encoding
x-goog-hash
crc32c=VyNHLw==, md5=KgjxkOK6SIfOKnyKIXii3w==
x-goog-generation
1690462258129040
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6jlgxhx6NN0ml660M45SeRBlJNW0bWvJqk3xe2Zya8XO27zbHeuF%2BxEf0KUmyDQvkFiLkWkcdTApC%2FsdpfmVXbHtgfwq%2B9Twwpm%2Bl0jBzwkG0l21FylZmbuuFZXxW79uKk6k%2B0DAGEDSBTVRZp19g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
13762
cf-ray
7f06197eaa502c2e-FRA
expires
Wed, 02 Aug 2023 11:52:23 GMT
/
app.adoric-om.com/v1/campaigns/ 		746 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.adoric-om.com/v1/campaigns/?u=9cf2e1a44ca72a3fec13c925568a4883&l=en&cc=0&b=chrome&os=win&h=https%3A%2F%2Fwww.walla.co.il%2F&d=desktop&lsps=0&pd=A&nv=true&tz=0&cIds=%5B%5D
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.218.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.218.120.34.bc.googleusercontent.com
Software
/
Resource Hash
d182f478bc4a639270ddb0e6eca77f38efe03edd4162395bfdf6a5441f19fc6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
date
Wed, 02 Aug 2023 11:49:47 GMT
x-content-type-options
nosniff
via
1.1 google
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
746
x-xss-protection
1; mode=block
x-adoric-api-version
9.0.1
etag
W/"2ea-mYVjEx7MZXRRIyIqGokXTn53ZWU"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=2119126147.1690976987&jid=1864989507&_u=aEBAAEAAEAAAACAAI~&z=1972496124
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=2119126147.1690976987&jid=1864989507&_u=aEBAAEAAEAAAACAAI~&z=1972496124
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230802
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91db1e1d3a016da0ff257d8d7d5a83137152fdb169ba28ba9f5cbf60f2381fe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
28141
x-jsd-version
1.0.1769
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-bma1651-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"637-frkR6lm3hSrNLF/sHLco7vS2FwQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlRJs3QBqPDyleZiyNOF%2FV506NFddjdQuOPlxemhj7zRBR5qL%2B7GOwy8OFQpGBBqfWezU8mlcS%2Fb8yBDTQuvydxOniNlowaODCmizSD9cUBU%2FoInflaJWUM43h1etYt2Yli7cxPKZDx8og0NB4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f06197e8df13642-FRA
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Wed, 02 Aug 2023 11:49:47 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Tue, 06 Jun 2023 12:52:55 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2240728
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=va8BUVUyMLn1GV4toN2JS3llELnhZOhxRJ%2BC50VmIxWwSlmTzMd9kjD24IXSzz5bgFnY%2FkFx36%2BhTR8TbT45vA%2By2Qw9%2FXSF9ot4ypemeqWQJXojOC7OKo2%2Bc%2FI64H8BX4%2B2m531bTimhtzN"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7f06197edf601970-FRA
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
2214040
bs.yandex.ru/prebid/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 02 Aug 2023 11:49:48 GMT
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
0
uniformat-product-type
None
x-xss-protection
1; mode=block
expires
Wed, 02 Aug 2023 11:49:48 GMT
2214040
bs.yandex.ru/prebid/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 02 Aug 2023 11:49:48 GMT
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
0
uniformat-product-type
None
x-xss-protection
1; mode=block
expires
Wed, 02 Aug 2023 11:49:48 GMT
2214040
bs.yandex.ru/prebid/ 		0
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 02 Aug 2023 11:49:48 GMT
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
0
uniformat-product-type
None
x-xss-protection
1; mode=block
expires
Wed, 02 Aug 2023 11:49:48 GMT
2214040
bs.yandex.ru/prebid/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 02 Aug 2023 11:49:48 GMT
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
0
uniformat-product-type
None
x-xss-protection
1; mode=block
expires
Wed, 02 Aug 2023 11:49:48 GMT
2214040
bs.yandex.ru/prebid/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 02 Aug 2023 11:49:48 GMT
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
0
uniformat-product-type
None
x-xss-protection
1; mode=block
expires
Wed, 02 Aug 2023 11:49:48 GMT
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 02 Aug 2023 11:49:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		380 B
897 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v8.5.0&l_pb_bid_id=26fc15510951f2e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.3559412419982573
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
73f1fabecfcc042f6fae535add4ebef47bc1ce579375f2374f4ddfbb1ca4f673

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
380
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Ftop_desktop&tk_flint=pbjs_lite_v8.5.0&l_pb_bid_id=276b351268a3f74&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Ftop_desktop&slots=1&rand=0.1399555807491213
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
461115fd9b3f8467130edbf4925cec1642e5a618edfce50a4822472d066991ed

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		365 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Frectangle_hp3_desktop&tk_flint=pbjs_lite_v8.5.0&l_pb_bid_id=28cadf92bbff34a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Frectangle_hp3_desktop&slots=1&rand=0.6247193697626139
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e22dac599cac42d62e365402826c06ff27c951788330b14a07046b0828598666

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
365
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		370 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fpremium_rectangle1_desktop&tk_flint=pbjs_lite_v8.5.0&l_pb_bid_id=29e88d8692cead&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fpremium_rectangle1_desktop&slots=1&rand=0.0970342927300416
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b1b4b9e3c6649d7edbc5429ccd5dac23804ae4b00f962f2bc3e799b6a0304a2c

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
370
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		366 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v8.5.0&l_pb_bid_id=30ff3eb7bad965&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.26639446757423424
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fad60f8f97110470e488bdd7537487da13e8064a84df56ad9d98769b839f9778

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
366
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
5fe4e4cc0eea4ffb607d0fa93af2d37504a7278361eb212e7a58c870c466dd8b

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ 		594 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
52ee32b27f94df028a6aee40831f88de1a49ebaeaacf58f69f7188f85b7bdfa3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
gzip
an-x-request-uuid
a5e6b223-1ba9-404e-9f0a-37053bec3707
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.24; 217.114.218.24; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=81010873033&lsavail=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 02 Aug 2023 11:49:47 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
hb
ssc.33across.com/api/v1/ 		66 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
fc42a5746ed064ac32f39cfd040b703f65e1c6a31276289a41995e45c87d4ad0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
fc42a5746ed064ac32f39cfd040b703f65e1c6a31276289a41995e45c87d4ad0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
fc42a5746ed064ac32f39cfd040b703f65e1c6a31276289a41995e45c87d4ad0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
fc42a5746ed064ac32f39cfd040b703f65e1c6a31276289a41995e45c87d4ad0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
fc42a5746ed064ac32f39cfd040b703f65e1c6a31276289a41995e45c87d4ad0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8bc4ce6c78f9cd603252404512ad07fc23c89a15c7a6dc0d049f2b431aa23c6

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liTk2fsf1AAQVp0BsDjxOcn%2BSAFsF0ZlaCOGpQyaBs74hD2CR9Ru78NUb%2FBqJpuB5rCU2Iakv838P3CKUAPWJ3T216SvfKvgFL58am9kbRgbgpbnZNPBk5JbxZhLgy9%2F4LGCWg1e"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f06197f1876381a-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
c389d207da73b5d7be9fa49df70526c5dbf2d1063ba29341d76569b7505ef82b

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
bbf48c7d5cd81b2a68a89d00e0adba17b74f3c1eeeac398f24f7f63a9f27368b

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 02 Aug 2023 11:49:48 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
mp.4dex.io/ 		60 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Wed, 02 Aug 2023 11:49:48 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: adSlot-2, Process Seats Booster. unable to get the seat booster engine for organization: 1241
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f06197f1a6e91e3-FRA
expires
0
auction
tlx.3lift.com/header/ 		19 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.32.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-32-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
accept-ch
sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
prebid.smilewanted.com/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f06197f1deb18ef-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f06197f1ded18ef-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f06197f1df218ef-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f06197f1def18ef-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f06197f1df118ef-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
bid
ap.lijit.com/rtb/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.5.0
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
d602ef42deb77f6a8ba9c57b5635bfb211ce49f19f1b5700baa6d434a5a9742d

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 02 Aug 2023 11:49:48 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&PageUrl=https%3A%2F%2Fwww.walla.co.il%2F&PageReferrer=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
0df359c453dcc2f746597f52d28a7c6166aaf0cda018960a79643e8526de141b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
755
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
1076
expires
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ 		9 KB
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=994942117946805&correlator=12164990826467&eid=31076660&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop%2Crm13_desktop%2Crm14_desktop%2Crm15_desktop%2Cnickbar_desktop%2Cdontmiss_strip_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18%2C0%2F1%2F2%2F19&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1200x40%2C320x50%7C865x190&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight&ifi=1&adks=3574292238%2C3281790396%2C98111979%2C284161084%2C2694544435%2C99995744%2C2663655591%2C1832766528%2C3711358991%2C3169800366%2C3148243285%2C211575734%2C3583292036%2C2042096236%2C3658430203%2C1750305995%2C3185403617&didk=1909289936~4078182110~845420629~2737176580~3757563159~2051796368~2459729993~3096182529~3770086168~3931141563~3707026742~2555613071~45217321~479599996~2547616871~1193244743~1193245117&sfv=1-0-40&ists=131068&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1690976987964&lmt=1690976987&adxs=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C200%2C535&adys=11462%2C11462%2C11462%2C11462%2C11462%2C11462%2C11462%2C11462%2C11462%2C11462%2C11462%2C11462%2C11462%2C11462%2C11462%2C1200%2C2723&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=1600x11462%7C1600x11462%7C1600x11462%7C1600x11462%7C1600x11462%7C1600x11462%7C1600x11462%7C1600x11462%7C1600x11462%7C1600x11462%7C1600x11462%7C1600x11462%7C1600x11462%7C1600x11462%7C1600x11462%7C0x-1%7C864x0&msz=1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1200x-1%7C865x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C644%2C132&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C864&ga_vid=2119126147.1690976987&ga_sid=1690976988&ga_hid=144338807&ga_fc=true&dlt=1690976986739&idt=1017&prev_scp=slot_name%3Drm1_desktop%7Cslot_name%3Drm2_desktop%7Cslot_name%3Drm3_desktop%7Cslot_name%3Drm4_desktop%7Cslot_name%3Drm5_desktop%7Cslot_name%3Drm6_desktop%7Cslot_name%3Drm7_desktop%7Cslot_name%3Drm8_desktop%7Cslot_name%3Drm9_desktop%7Cslot_name%3Drm10_desktop%7Cslot_name%3Drm11_desktop%7Cslot_name%3Drm12_desktop%7Cslot_name%3Drm13_desktop%7Cslot_name%3Drm14_desktop%7Cslot_name%3Drm15_desktop%7Cslot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&cust_params=permutive%3D
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
308162ab6182eb0cfc70a372cf450a31cb07c86c2a4a53650e7c9e4784f56330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
493
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5328 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 11:49:48 GMT
expires
Thu, 01 Aug 2024 11:49:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230731-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
226793
expires
60
logo.png
www.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"558e-189b5f28448"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
21902
x-cached
HIT
x-amz-cf-id
WmHQ5OTciIlLV6OWKnGPb_dZpV1-iVXIvAGT5zkHSwToGSqahc64dg==
state
event.dxmdp.com/rest/api/v1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/state
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.76.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-76-239.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
pmk-20220605.1.js
pm-widget.taboola.com/wallail-walla/ 		115 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/pmk-20220605.1.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/wallail-walla/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7e3e2281e670435dd46492437a30bcf0c59368d824ac1aa591571d35c81d88b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
YaUoVhRXeV8pgb7fnBF6NLXk_e7KSGb2
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 02 Aug 2023 11:49:48 GMT
x-amz-request-id
1ZRF9AZMSP1MXZKY
age
1309801
x-cache
HIT, HIT
content-length
31819
x-amz-id-2
OUckhCCBQyRlZ54uGukfAk+IL/wJcaCb6S8Qtf8Omgh3owsecWM0riI5KUBsohxeZh5TodRrLw4=
x-served-by
cache-sjc10027-SJC, cache-cph2320025-CPH
last-modified
Tue, 18 Apr 2023 12:24:45 GMT
server
AmazonS3
x-timer
S1690976988.097713,VS0,VE1
etag
"4bbfdfa56e1850f61d8804a24a682324"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
5373, 1
1616785908557850
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.120&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45b7902783ce43139eabd352b624b5e927de7a034d180f37be25ef9652661612
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 02 Aug 2023 11:49:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88022
x-xss-protection
0
pragma
public
x-fb-debug
md3L0HUVhAo6gyiicYH8WwcNxEhDN3JXnsKjg5Q0M8k2RMlGiGaqcSkkOaf86lp1eilhMv4DQTYSbLPhWrOebA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1690976988098&sw=1600&sh=1200&v=2.9.120&r=stable&ec=0&o=30&fbp=fb.2.1690976988096.1681039165&cs_est=true&it=1690976987678&coo=false&exp=a3&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 02 Aug 2023 11:49:48 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
walla.json
www.walla.co.il/public/player-config/ Frame 0EA1 		111 B
482 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player-config/walla.json?cache=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_445607a52df06e395055_445607a52df06e395055_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 11:11:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"6f-189b5f28448"
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
111
x-cached
MISS
x-amz-cf-id
kK6Ne5rCF2haSjjhPmZoMQK9L6CBfRYworhpNI7cDLeKd1FK6WVV8A==
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
f42ab8c066e4920fe750d485cae44e623efa7d824b48f8b56128be8edec7adf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-45iR1uKqpatbdKmBAFXDxCkRJyQ"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 02 Aug 2023 11:49:48 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.walla.co.il
location
/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
encrypt
esp.rtbhouse.com/ 		221 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
41dbddff878f15fcd19149ebcf4606b69a80c42a080699e84e48eaf143dcc3f8

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
d222e4777b82b76fb55394d5a219a307
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Wed, 02 Aug 2023 11:49:48 GMT
server
Google Frontend
vary
Origin
via
1.1 google, 1.1 google
x-cloud-trace-context
fdabc1000e5e3e3f9e4401d5249cb740
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1690976987843&cv=9&fst=1690974000000&num=1&guid=ON&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&fmt=3&is_vtc=1&random=1043546467&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1690976987843&cv=9&fst=1690974000000&num=1&guid=ON&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&fmt=3&is_vtc=1&random=1043546467&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
increment
id5-sync.com/api/esp/ 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 02 Aug 2023 11:49:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame D44B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 11:49:47 GMT
server
Kestrel
server-processing-duration-in-ticks
229699
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
map
bcp.crwdcntrl.net/6/ 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.50.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-50-175.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
6b80bbf7ae265b520fa60847fdfd3e9f8099a99a37941b27ea673f65f024f459

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
x-server
10.45.6.151
access-control-allow-credentials
true
content-length
60
expires
0
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Wed, 02 Aug 2023 11:49:48 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2240723
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 06 Jun 2023 12:52:54 GMT
Server
cloudflare
ETag
W/"845b176368f98c92daf7aa531dcbc491"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFVOvNrz1c%2BqM%2FvGNHME9W4ngYgsPOMahNxwW%2B31pbnB1667J8D0KLb1mNn%2BnmTr2P1cPzYev1YxZyeZ2LDDUwvcRm10NyBf6qHiu%2BCSbUf1XsimuIit0KBv1DN2KmMIJabKFte1dyQ34CQq"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7f061980ab3e9016-FRA
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1690976988231&sw=1600&sh=1200&v=2.9.120&r=stable&ec=0&o=30&fbp=fb.2.1690976988096.1681039165&it=1690976987678&coo=false&exp=a3&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 02 Aug 2023 11:49:48 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.76.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-76-239.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 02 Aug 2023 11:49:48 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sync
event.dxmdp.com/rest/api/v1/ 		13 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.76.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-76-239.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 02 Aug 2023 11:49:48 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
sid
mug.criteo.com/ Frame D44B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=a9CI2nxUbisrYjc5T2VvSkZtT1RWM1dBalZXeXh6ZFdDdTlhcmhTSE0yNUR6Rlg5MHdxUzl3RjBxemRMNnE4OWpick9STG5xdVJCZU1lcUpzUTNZdWFEOVZrSTVpRjhvc3MxZ3EvcE1meUpEbStvZHU4YURXcVBWVmlGeH...
419 B
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=a9CI2nxUbisrYjc5T2VvSkZtT1RWM1dBalZXeXh6ZFdDdTlhcmhTSE0yNUR6Rlg5MHdxUzl3RjBxemRMNnE4OWpick9STG5xdVJCZU1lcUpzUTNZdWFEOVZrSTVpRjhvc3MxZ3EvcE1meUpEbStvZHU4YURXcVBWVmlGeHhwTVJTQzFVelh2NzJ5ODdIMldVOVJqY3drOVkxeGU2QXNhSzR4emxvdFZ5WGRNaUo1eWFlOE81ejlNcERkWkFYR3FFTDBkZUVhZFVRL2FCQmlKcngwbTRNVHRrbmc3NzM1UE4vSCtYdUlyRjkzQ2taNXN5RW4xQ252Q3pZQWZNTTRoQi9BVUpMMTVqWitpSitKSWYxMmU2NUp1cTlMZz09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3d51281c48855e72491ac211f85647013e608b1eadd4033f235d26f7ef38a6b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:48 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1326661
expires
0

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=a9CI2nxUbisrYjc5T2VvSkZtT1RWM1dBalZXeXh6ZFdDdTlhcmhTSE0yNUR6Rlg5MHdxUzl3RjBxemRMNnE4OWpick9STG5xdVJCZU1lcUpzUTNZdWFEOVZrSTVpRjhvc3MxZ3EvcE1meUpEbStvZHU4YURXcVBWVmlGeHhwTVJTQzFVelh2NzJ5ODdIMldVOVJqY3drOVkxeGU2QXNhSzR4emxvdFZ5WGRNaUo1eWFlOE81ejlNcERkWkFYR3FFTDBkZUVhZFVRL2FCQmlKcngwbTRNVHRrbmc3NzM1UE4vSCtYdUlyRjkzQ2taNXN5RW4xQ252Q3pZQWZNTTRoQi9BVUpMMTVqWitpSitKSWYxMmU2NUp1cTlMZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
266386
content-length
0
expires
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0EA1 		345 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_445607a52df06e395055_445607a52df06e395055_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebbe84e55b388c782babbc38e8460a1841ee9fe7d9f871bcc1002476c395c119
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121900
x-xss-protection
0
expires
Wed, 02 Aug 2023 11:49:48 GMT
truncated
/ Frame 0EA1 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308010101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13c880788c665edaa8d59fcae64edadba378c13bcdeb0860d835f4faeb0a83c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11868
x-xss-protection
0
dmp-common-iframe.html
cf.dxmcdn.com/dta/ Frame BE9E 		193 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:c800:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62db05cbc08f8a152afa78e6c309221aac46be5a9927d700dc5dcd79b694af7d

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8703
content-encoding
gzip
content-type
text/html
date
Wed, 02 Aug 2023 09:24:46 GMT
etag
W/"26fac2aab0da1220dfb31537337da864"
last-modified
Thu, 27 Jul 2023 07:10:40 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-id
ZwELEZphS_GF98S19vjnL-ozM0BLn5iw2NeV1bbLLLs4OqfhphbgqQ==
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
qHjCUfZm1tQdGgBJuTqxtyNTpiQNb5ro
x-cache
Hit from cloudfront
2f53e68c-5028-4c26-9480-35b833587c48
https://www.walla.co.il/ Frame 0EA1 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/2f53e68c-5028-4c26-9480-35b833587c48
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
playlist.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/ Frame 0EA1
Redirect Chain
  • https://cdn-uw2-prod.tsv2.amagi.tv/linear/amg01742-walla-wallanews-ono/playlist.m3u8
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
Protocol
H2
Server
99.86.4.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-49.fra6.r.cloudfront.net
Software
/
Resource Hash
a809e97013b56c1fcf48f4c59d3bd5ed1c40aced0212a4eb1f463ba0788cc1db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
via
1.1 google, 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 02 Aug 2023 11:49:48 GMT
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
null
x-cache
Miss from cloudfront
cache-control
max-age=0
access-control-allow-credentials
true
x-amz-cf-id
0ItC9msHykyexqSANeG1dapomYUZH2e6fRQH51si7H4NL0WzcNpxpQ==

Redirect headers

date
Wed, 02 Aug 2023 11:49:48 GMT
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
vary
origin
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
access-control-allow-origin
https://www.walla.co.il
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
TVWTxCpcCmAYzKo_gdXSZPtGkOsfW5ysm5bqytqjV0Ddh8vjn6857A==
bridge3.583.1_en.html
imasdk.googleapis.com/js/core/ Frame 174B 		718 KB
230 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
233ea4a6b15a4c0190686852b27706807fe2fec270d3c9f3e8167d4dddaa0250
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
20067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235726
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 06:15:21 GMT
expires
Thu, 01 Aug 2024 06:15:21 GMT
last-modified
Wed, 26 Jul 2023 19:51:25 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 0EA1 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 11:49:48 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6C29 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13681
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 22:37:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 02 Aug 2023 12:36:17 GMT
integrator.js
adservice.google.com/adsid/ Frame 0EA1 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Aug 2023 11:49:48 GMT
6e55e82c-e274-49de-baea-91e7e346c450
https://www.walla.co.il/ Frame 0EA1 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/6e55e82c-e274-49de-baea-91e7e346c450
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
443343d25e80e7e80b0ed2f16bb6aeab2fa933b1ec58470234ef3505eb56e73e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length
5872
Content-Type
application/javascript
f2d7ed71-50ac-44b3-8772-00ed0925dbbc
https://www.walla.co.il/ Frame 0EA1 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/f2d7ed71-50ac-44b3-8772-00ed0925dbbc
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31f4c5a62160b5b5551d04087e5b4d28a320414b826e210c82030e179badfcfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
be74e48b-2596-4165-a670-59e348ebfe24
https://www.walla.co.il/ Frame 0EA1 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/be74e48b-2596-4165-a670-59e348ebfe24
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31f4c5a62160b5b5551d04087e5b4d28a320414b826e210c82030e179badfcfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
pd
google-bidout-d.openx.net/w/1.0/ Frame 4B80 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 02 Aug 2023 11:49:48 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CC22 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
979
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 11:33:29 GMT
expires
Thu, 01 Aug 2024 11:33:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DE0A 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6d7450d9086a4837270fcc85baa255570d4c60dbbd9288bc64aa5aa2ff04c059
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lgTyNNcI6zXi0ldhewkOzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-lgTyNNcI6zXi0ldhewkOzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 11:49:48 GMT
expires
Wed, 02 Aug 2023 11:49:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ads
pubads.g.doubleclick.net/gampad/ Frame 174B 		45 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=43010785%2Fwallanews%2Fmain%2Fpre_desktop&sz=635x360%7C640x480%7C640x480%7C640x360%7C635x360&url=https%3A%2F%2Fwww.walla.co.il%2F&description_url=https%3A%2F%2Fwww.walla.co.il%2F&cust_params=app_name%3Dfalse%26providerId%3D0%26item_id%3D0%26vertical_id%3D173%26vertical_name%3D%D7%95%D7%95%D7%90%D7%9C%D7%94%26category_id%3D0%26item_type%3D%26exclusive%3Dnot%26login%3Dno%26isMobileApp%3Dfalse&output=xml_vmap1&vpi=1&gdfp_req=1&env=vp&unviewed_position_start=1&vpa=click&vpmute=1&sdkv=h.3.583.1&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2054437229&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.583.1&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2F422e78ee-a7ff-4124-9d89-a9ca63b50278&sid=D5DA468A-AECE-449B-99E4-D72B2EA78585&a3p=EhsKDDMzYWNyb3NzLmNvbRiW1dSwmzFIAFICCGQSGQoKdWlkYXBpLmNvbRiW1dSwmzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPjY1LCbMUgAUgIIahIcCg1jcndkY250cmwubmV0GJbV1LCbMUgAUgIIZBIZCgpwdWJjaWQub3JnGLHY1LCbMUgAUgIIahLCAQoIcnRiaG91c2USrAFhcC9PQzdHdzVoVlpNbEhFdlU0QUd3SHdGMFhvKzN3OUlRbUhEN1ptUG5mMXFqbHpHOWtYVHI5d3pMZXQ3bWRNSHpscFg5WXUzdzRpaDdJQWtobDJkRG1DSWZGVW5jV2VuVjdxUURvZ2xHbVliOUFhR25DclZrcUxCWFF2bnZkRWtyaDVacUowcW0vU1BSVXNROTE4eW1QbFZkc1BFd1FUM1dEUkFuMERDbDA9GKzZ1LCbMUgAEh0KDmVzcC5jcml0ZW8uY29tGJbV1LCbMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lNVVpQVWpSdVJGZFVjV2xQY0ZGM09VcHhiV3BNUVQwOUluMD0YwdrUsJsxSAA.&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793912&ref=https%3A%2F%2Fwww.walla.co.il%2F&top=https%3A%2F%2Fwww.walla.co.il%2F&loc=https%3A%2F%2Fwww.walla.co.il%2Fpublic%2Fplayer.html%3Fautoplay%3Dtrue%26imaAdUnit%3D43010785%252Fwallanews%252Fmain%252Fpre_desktop%26imaKeyValues%3D%257B%2522app_name%2522%253Afalse%252C%2522providerId%2522%253A0%252C%2522item_id%2522%253A0%252C%2522vertical_id%2522%253A173%252C%2522vertical_name%2522%253A%2522%25D7%2595%25D7%2595%25D7%2590%25D7%259C%25D7%2594%2522%252C%2522category_id%2522%253A0%252C%2522item_type%2522%253A%2522%2522%252C%2522exclusive%2522%253A%2522not%2522%252C%2522login%2522%253A%2522no%2522%252C%2522isMobileApp%2522%253Afalse%257D%26muted%3Dtrue%26player%3Dwalla%26stream%3Dhttps%253A%252F%252Fcdn-uw2-prod.tsv2.amagi.tv%252Flinear%252Famg01742-walla-wallanews-ono%252Fplaylist.m3u8%26url%3Dhttps%253A%252F%252Fwww.walla.co.il%252F%26ver%3D2023&dlt=1690976987747&idt=823&dt=1690976988614&cookie=ID%3Dd3a3a5791364b0b2%3AT%3D1690976988%3ART%3D1690976988%3AS%3DALNI_MZPLojV7kc2FRD0p4dg4SG5AVAiXg&gpic=UID%3D00000c754fd627ea%3AT%3D1690976988%3ART%3D1690976988%3AS%3DALNI_MZvbOflay9kZEjQnyU2LPH3g2QtPg&correlator=4270668480669012&scor=1881098667606194&ged=ve4_td1_er1700.200.1700.200_vi0.0.1200.1600_vp0_eb16616
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
589df44fa16ed9d7d62f3531245ecad8890ed1f7847b24e72ec76093165ddc88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7972
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame AE66 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 11:49:48 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sync
gum.criteo.com/ 		73 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230731-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0be100794564bd3b902d1ab407bb9662940060c057c7669eb03bb1cbd69db8f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1024157
expires
60
json
trc.taboola.com/wallail-walla/trc/3/ 		100 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/trc/3/json?tim=11%3A49%3A48.652&lti=deflated&data=%7B%22id%22%3A623%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1690899744704%2C%22vi%22%3A1690976988650%2C%22cv%22%3A%2220230731-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11447%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Left%20Rail%20Homepage%22%2C%22orig_uip%22%3A%22Left%20Rail%20Homepage%22%2C%22cd%22%3A1106.484375%2C%22mw%22%3A298%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Homepage%201%22%2C%22orig_uip%22%3A%22Mid%20Homepage%201%22%2C%22cd%22%3A4298.984375%2C%22mw%22%3A864%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Homepage%202%22%2C%22orig_uip%22%3A%22Mid%20Homepage%202%22%2C%22cd%22%3A5465.984375%2C%22mw%22%3A864%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Endless%22%2C%22orig_uip%22%3A%22Homepage%20Endless%22%2C%22cd%22%3A11447.265625%2C%22mw%22%3A863%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHomepage%20Endless%3Dthumbnails-g%3Aabp%3D0%2C%2CLeft%20Rail%20Homepage%3Dthumbnails-a%3Aabp%3D0%2C%2CMid%20Homepage%201%3Dthumbnails-g%3Aabp%3D0%2C%2CMid%20Homepage%202%3Dthumbnails-g%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230731-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0c2dc4c75f65029c557cd0f5e0ceefbb5152a2fe91b81a7e32de1107f91a05f3

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
641
date
Wed, 02 Aug 2023 11:49:49 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
13640
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-cph2320025-CPH
server
nginx
x-timer
S1690976989.683022,VS0,VE641
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sodar
pagead2.googlesyndication.com/pagead/ Frame DE0A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308010101&jk=994942117946805&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
pagead2.googlesyndication.com/bg/ Frame CC22 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 09:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9699
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14619
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Aug 2024 09:08:09 GMT
/
www.facebook.com/tr/ Frame 4ACF 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 11:49:48 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
generate_204
tpc.googlesyndication.com/ Frame CC22 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?a0GyhA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 02 Aug 2023 11:49:48 GMT
server
Google Frontend
x-cloud-trace-context
2e2ca86662fda4654cd9b4a0dfccbe55
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
x-request-id
b339daf3-fc95-42fd-9269-5e8be863bb4a
x-vad-version
0.13.7

Response headers

date
Wed, 02 Aug 2023 11:49:49 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
6587dfaa82555bfec5fdc6e01c66bb14
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-request-id
undefined
ads
securepubads.g.doubleclick.net/gampad/ 		152 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=994942117946805&correlator=2779763864193194&eid=31076660&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Ctop_desktop%2Crectangle_hp3_desktop%2Cpremium_rectangle1_desktop%2Cyad2_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7&prev_iu_szs=120x600%7C160x600%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C300x250%2C300x250%2C300x250&ifi=18&adks=2273020715%2C885339186%2C1717219177%2C1472875564%2C2299111211&didk=1193244742~1193245113~1193245112~1193245115~1193245114&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dd3a3a5791364b0b2%3AT%3D1690976988%3ART%3D1690976988%3AS%3DALNI_MZPLojV7kc2FRD0p4dg4SG5AVAiXg&gpic=UID%3D00000c754fd627ea%3AT%3D1690976988%3ART%3D1690976988%3AS%3DALNI_MZvbOflay9kZEjQnyU2LPH3g2QtPg&abxe=1&dt=1690976988867&lmt=1690976988&adxs=1480%2C920%2C516%2C200%2C516&adys=160%2C173%2C839%2C839%2C1105&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=i%7Cj%7Ck%7Cl%7Cm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=120x0%7C1200x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C1200x0%7C300x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4%2C4&ohw=120%2C1200%2C300%2C300%2C300&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=2119126147.1690976987&ga_sid=1690976988&ga_hid=144338807&ga_fc=true&ga_cid=1300387108.1690976987&dlt=1690976986739&idt=1017&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drectangle_hp3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.16%26vad_adid%3D128b185d64216722%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.16%26vad_adid%3D12971e30725c6a15%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.16%26vad_adid%3D130d4346a28a5b6c&cust_params=permutive%3D
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
756a483dfdd4d21d23a86759cfd47637f199493892c554fe3827e21ce7b53c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37015
x-xss-protection
0
google-lineitem-id
-1,-1,6343155095,-1,6354285027
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,138439753780,-1,138441474294
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb543e1f7c6c648f9ed43d67d8ef42a4f9421fde1d6988693eb5518975d1073edce2a59caa08ff16388f1ede7f0a66413a3e951fda77118fd87... Frame 0EA1 		13 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb543e1f7c6c648f9ed43d67d8ef42a4f9421fde1d6988693eb5518975d1073edce2a59caa08ff16388f1ede7f0a66413a3e951fda77118fd87eb141453c5728cfffe729a2c05616b7db083429b56a062a866a68ac39437ed0e21f48a238b6720a5aa82a66443d80b846ac7757db80148e78208bb3dc60396d390ec90c1fbcbf5ba0f8ff5e43ca78f0e4491dc42916b39f41c8d64da681d50ecb5e8e73a31180c1f2d8804181d79635a05fe706123256152d44abf2b93cccb8be4c7bfb562d541354e8bae18f245ea37233907c62a9c503da06dc8635841a5ad3e27c80e542ec46bf07aee246e2dfd320b79558d6a679585dc7c7a19cfa273abc2c9cc88c85232bc0a0463c2f5d0ea9d1e2daa1d4be3ca4ba415462741df62e3d72adb4508992a286a0928858902cc4fd26f95756636c1e0b8a51a3d53895799d309fc71d25535a57edb46184d7891060390fb18950824740f9c3ddd7964e1ada70175fdf65db700c7883613f2bab7eafda7447a11227a9797df7513e8502dbbd2ffea892a52533a7d1ca47b03ebee04482b857fe346c1753e2a26c6c444a7cc2e72958632e8d16b2a1bf8b1d3e09e2f3c2e9d31369574b707c38cbb3b73ecbf483437b31ce5c216c716a67b50cc466d205094d6efe17dda8066396444609e3b43449557c9cabe0d7d38b96981371e500c616e20ed55751d3fd/164/640x360_642400/index.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/9330_f4446c29729bfb4db823_f4446c29729bfb4db823_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-49.fra6.r.cloudfront.net
Software
/
Resource Hash
292b06419875f9f4692ad49d65f451e150df458443785d416e853a89e4c7ad5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
via
1.1 google, 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
content-encoding
br
last-modified
Wed, 02 Aug 2023 11:49:48 GMT
x-amz-cf-pop
FRA6-C1
x-cache-status
FRA-1209ea83, miss
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
https://www.walla.co.il
x-cache
Miss from cloudfront
cache-control
max-age=1
access-control-allow-credentials
true
accept-ranges
none
x-amz-cf-id
Z0kba7m9133Du3MbrKX8mUv-Y2Mq9XTiaOuJmKopZSoOG942CB1mXw==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		210 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:35:42 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=120536
accept-ranges
bytes
content-length
65459
expires
Thu, 03 Aug 2023 21:18:44 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b62a89701f26ec1da28a7957e9dbdf26c5151089025c31795f9534a0ea878600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
7f061984ad9b18ef-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
569712
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7f061984fe0d18ef-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame DE76 		0
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f0619854e8c18ef-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 02 Aug 2023 11:49:49 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 1288 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pixel
ap.lijit.com/ Frame E6A3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 02 Aug 2023 11:49:49 GMT
X-Sovrn-Pod
ad_ap4ams1
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 4C83
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Wed, 02 Aug 2023 11:49:45 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 02 Aug 2023 11:49:44 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
csi
csi.gstatic.com/ Frame 174B 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lkto1ev9&c=3339420054479&slotId=1669710027239.5&eee=missing-element&bi=missing-id&vast_v=3.0&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c61::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=144338807&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=IMAPluginLoaded&el=&_u=aHDAAEABEAAAACAUI~&jid=&gjid=&cid=2119126147.1690976987&tid=UA-4780630-1&_gid=1300387108.1690976987&gtm=45He37v0n71T728TH&cd1=2119126147.1690976987&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd122=GTM%20video%20event%20To%20GA&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd47=Live&cd49=&cd50=Live&cd72=true&z=790280546
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 19:48:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57660
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 174B 		32 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AhLqpSOf1x3CJorpKskJZVSfoTjzs1Ct_ASwVPs1hkYxdA5pMEI4qYi3pc9wfsP3rIq5Lep7x7Azi2sDK5BFtt7S2fvw&cry=1&dbm_d=AKAmf-DqT_279pLDfFvyDtR3sCWHuew1EPl2vdmSarQQm2rVdsucxA-fntFsNXmZ1KfmJJp92cxMDW9AaelhGHY8P75Z81xbs5ReOlfhDRbLjL5hC2MxFObWxhTOq1-1hOST0YA0px9v3uXxCHL74TER3HN7mEuMraD4K2Oy5p-lsxzMLuo0ft6NawCQn_0v1_TYLF02-W3IPwW9d6i3vMYxlUChkhWHj18270QU67G8o18X4CC7A-lfFXzweUMRB4F_QFxDQPfy1iYfR3Ip3pMXnXtDNlgTjp7_yF6HsSw5mCom1f8l6XePAPl5T1tn_TVVRxLmOmllTByTW9gseEHNZx1hyQ5VbdRfAahh3Jt6vdteakaJD0-xt3nqwsmSJuqa6Ei2sOeLyFdW4_0NrfcSe2OtQHuhDBBEHtXONob0EEupVO_zllC37atnImByy4J-gVpXahcOO0hwpZOvGVDBsOu9iLEKiKbnfKwDR6oxggRFj4jfSnpqADDRoP68gu0hwkROFUpBuIOQATuivRBYr0AnDDZbkHc_IxMui2SR5FNPySGfsNmpPVhpFZzsUA_dBKnT1ijdxWxbIppayVa82BN02CMYw6N1EV1k1wR7tUF29ZliNjya9uqM6X8h5rFtrZk8HuJT2As7032danyIuIRZVuZgLtU2FQLracYR3dWw1TCnFtkqNyO5jJ3hWiUeUcNAg0QpMgI9WFGMLSye3-e2GRVpa4ZwkGmLrTSm8OmaedjXZK9aHWVJnT3heJzPgr1XiaOQ4Z6b5wB7VBwreqR1VM012QXrt3cJ8AUentMaB3j7SgAKtvj4vt9aApscOvT9we0DqZ7gLD5zTcFljv4Ey2BtSmS7eDgfNjwjN9ZvbdJMSWMcFOAjNhT1fuIPDovDHusYNcNZ2OW04awUB8B5EWdnLPLHSWz5neKfsOieitPP8Z-ZDdlh-1XE-6BtWira9-VSakvz4lw-QrgoSmW3c9IEw1sqEyCLCRkb1AfbEpyhchAIDArNgABxHglKDtDhOgMGYoUBbmdaJUihp6gsLSxsD03XoFqe9WmqWlQAIpSV7JFIMzROVhBfKgyb-FqDe290hkvqWsNrlhQDfjHG-PrMzpXfvnRMymnKhqAwUa8xQVFQGHsfs4jDcAmi2PL6cL_JdjazHTEDDrbLX8yJVw4JtDHfj4MQIjuq-8rFk23xudsjmlURD4NHgDEsTMiM1Kb3gXGyGRoV_YbTCukcFmEClvwWYGUk20aOe_-XBHiatNRvFBov92eJW6cqwTAUFjMVE8UeY9-ZfGhho04jSt8WnOxDEGGiCZGus5NY8THcEsp2lm7N3gu04VO-jjT1LSg0xSycqEejj5DBNg7_Idd66tXwWYW5oS13p_AtZWJ2fddv5OHTre2xTASZLwoNmyNEcNDF2wj6sIsESRRP56pm6LsAC_axHshYvcgJH1gSikU9QFBWIj5Ix-spl502xFszfNx8GQDdpn7F5t74NAFJkelyyFfVhZZSsLhId6kBkTYrSWHrO2p7dbA1uRcylzckQoDJY-oB7WsKk_EjyQsCEjrbQulOhyHyqYYyS72Oo2LAMFLPnpW5Yfr3yA8z7zz9nI7xy62FdNP6GCuOwPnFYlk3y2lHNvkbMycD-3_r6aVLMzJxyjre1CJSkfmH5WUnTAGg2bF2zVuXZRX4PY0-aE2IZrMjTm4Cv_V5MB7nCOiUsEa5KvPTBBG7g2nKCWaVFRsGLPD4JV6QOGpZfseZMl5y9L-AObettp1wEKeLNCZ-SEh16NL8RuXuxlQ0NWC1MZbMI_FEW8vh3PozUk_G2fcG0e8UhRBOjmwVbIyQnamC5Zg8JxjbPqsYdQ0NxKnZeqMSJKy-ZMDv80JG3PAL6duKaMMTrqmRXEn_EiqDKCx0E3CuxPepF_Doz--smumFfoAppAfGRhWk2DgJ4yb3J_5xIvHiIVEiidR2G_7953rt-vHq_88UYrxpIT9vpaSkRf2pNyqX7eP3jOdkEi3UFcgaDP0SRtwqB5luoAAZEMGbxPSNdGABwb6DL0I-TTKE29PHDfWhZJ8t3-C765qaqYoCNHDGdwPZ5yr4ImUrcam7LXY3Dgr98hcOPq53CoLmWhGSmFhoOr8aVhnfDaODxeI3LoZRSpzAaSp0WkXlX9INg-H4md07Zxhg50yXgZyu5buMgkq7wUVBAkQCPMYf42_mf_nPH5edTv7l8rPNUIsTVV35jLBGX0rLsH1Y55R_vjTscK8TpBKvkqQ2kx01ewGMDNLEVx4bjLcxwt5VfHv0FJ9V8bU-6dMsUyuDuX65TMS0H8rUONuUWkSVazrN4N66fb1NxMaYfezwsX0hN3CwWm0PoLMW5xrGwhIYEbSJtf7gj4KVY33VYcJik-yLCAEfaENocgIrzwJD7aPj0AUqbrdeZWvrM-8sIWm3KQv_NaWb5YrU2zIsyEpzdzqoTkKLa7EOsIZ3SNRYxp3XOVizfX2E0AsktyU-5nD59M2fQSGtM39XFCZVgG-z_HX5gSJo-seX2uBcmI97v5IRF4fpvGKjxPZSHOpI0uTdybJ08XIqHwikos4NQmsVyX_YB0yikLNF5RTzs2wk9LXSna5xFg0RMtK_Hy1DnLw3Ohqp4gaiNz7XtQR30WC3H3xnjB6OiZoppWp333xh3sqcYDaqGxj6TvPLBOFrm0vZQGx_2oYtPOE4G1iEV-UMWJyYi2oe2Xrsuf5u9hMVjOFTFYCrgtoTgq9KdeAEbWnPfqTUQKt9090TXoNVzDVIo53XSca1eeB-Ls0DaSgBGvCAyXaQNzs4yEPwHdsLUeVDebTrzTLO8h9360eG1gpwigh4oQUI1uN1v18v6OCigQGKD_QHYJ8XzLzF3KajjH8wzQE3hIGR5h_4L9EMIaQf2A3ev6AQ3hGCAk-h7Y2z_rY_YVh_wu77MpNg1raSONbxVQpEoFSVsEkMAcrbSSMhziLi_k8mj5Wj3pzW3kX9_2viu40yK0lglBJMIOEtCeKh6Hvp8EyFoUUkn7w_yulGgezEFG29lv0Wr11-gg6GJM_jh9ve9uiHJJQyBSeM6DxayJHSCV0p0ZNBinfbD7ofQYiOOycEOPNUYPGMWV9oMKgWTcXK9VTWq7XXw468YxZnDfln6rv9mcCEKCBzvDw88pC9pkuv9K2UrFF5iCM3NDeZq8W92_BXwhLbk1bi7ctyHiBCwDE2H_JNEyAkTUaf2t1rjRbEtGOV_YYIZiDhKN9dtbye4UHkpRvUVAc8nYslZGN1UT7f6cTvJrffLO5hHcjY-vsjEJh1cp_Qg04e50D06j6S1VzrRKCHTASH78u6u8txGQPfC_hsbuNVTmc2dVcsRoO_t97hO11HonYl6Rl3eV5xIkSb5HSKhWwYzCFJJ9u8BYeUow1NYvryQOFldD1vIRYbOdOHnXFU4_MfDN38qPUknh3bvpdpdfDIqPMdMoz1W4SP0xPoG3qHZ_is5UiouULKGaw6i8amFYxlW00YYw2zVdQlIkb7DIeatiBFWZkYNgdRNql2Zw1F37ip_9jKeQrw_UCB5advsNoyrLzow6mCH2L7I335RJfJv-C40hTTTOBbkk7JOihxX2lpoc_Fc4AxaoJsI6CYZrR9zAeKpeObrWLUsHFDER28kUb4e5Ug&cid=CAQSPABpAlJWN8s0paJoZngBtRbYP8944K9i6Ipxn4J5dhEyPfjlBwoe9MV_Aimp16UIxup1l2aTub9p76UXthgB&vpa=click&vpmute=1&sdkv=h.3.583.1&osd=2&frm=1&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2054437229&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.583.1&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2F422e78ee-a7ff-4124-9d89-a9ca63b50278&sid=D5DA468A-AECE-449B-99E4-D72B2EA78585&a3p=EhsKDDMzYWNyb3NzLmNvbRiW1dSwmzFIAFICCGQSGQoKdWlkYXBpLmNvbRiW1dSwmzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPjY1LCbMUgAUgIIahIcCg1jcndkY250cmwubmV0GJbV1LCbMUgAUgIIZBIZCgpwdWJjaWQub3JnGLHY1LCbMUgAUgIIahLCAQoIcnRiaG91c2USrAFhcC9PQzdHdzVoVlpNbEhFdlU0QUd3SHdGMFhvKzN3OUlRbUhEN1ptUG5mMXFqbHpHOWtYVHI5d3pMZXQ3bWRNSHpscFg5WXUzdzRpaDdJQWtobDJkRG1DSWZGVW5jV2VuVjdxUURvZ2xHbVliOUFhR25DclZrcUxCWFF2bnZkRWtyaDVacUowcW0vU1BSVXNROTE4eW1QbFZkc1BFd1FUM1dEUkFuMERDbDA9GKzZ1LCbMUgAEh0KDmVzcC5jcml0ZW8uY29tGJbV1LCbMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lNVVpQVWpSdVJGZFVjV2xQY0ZGM09VcHhiV3BNUVQwOUluMD0YwdrUsJsxSAA.&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793912&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&ref=https%3A%2F%2Fwww.walla.co.il%2F&url=https%3A%2F%2Fwww.walla.co.il%2F&dlt=1690976987747&idt=823&dt=1690976989126&ged=ve4_td1_tt0_pd1_la1000_er1701.200.2048.816_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
cafe /
Resource Hash
c67ae0b8f661c79b1bc63451bfff95d124641bd0102459cf39b28f4e5400d5f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17606
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
RX-7a457ebd-a963-49c3-b5a4-cd7d6143fdff-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame A245
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1690976989224
  • https://ad.turn.com/r/cs?pid=45&rndcb=6052684250
  • https://sync.1rx.io/usersync/turn/8215906233994764765?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-7a457ebd-a963-49c3-b5a4-cd7d6143fdff-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-7a457ebd-a963-49c3-b5a4-cd7...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-7a457ebd-a963-49c3-b5a4-cd7d6143fdff-003
0
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-7a457ebd-a963-49c3-b5a4-cd7d6143fdff-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f0619888b8518ef-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 02 Aug 2023 11:49:49 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Wed, 02 Aug 2023 11:49:49 GMT
etag
RX7a457ebda96349c3b5a4cd7d6143fdff003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-7a457ebd-a963-49c3-b5a4-cd7d6143fdff-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
537b61ae-e392-52d6-ba3c-23fedef66123
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame EDA2
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=389118523918266337
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/537b61ae-e392-52d6-ba3c-23fedef66123
0
394 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/537b61ae-e392-52d6-ba3c-23fedef66123
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f061987396518ef-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 02 Aug 2023 11:49:49 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/537b61ae-e392-52d6-ba3c-23fedef66123
smwt256.gif
us.ck-ie.com/ Frame 9E23 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 02 Aug 2023 11:49:49 GMT
Server
nginx
cookie
cm.adform.net/ Frame CBCD 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Wed, 02 Aug 2023 11:49:49 GMT
server
nginx
csi
csi.gstatic.com/ Frame 174B 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lkto1fav&c=3339420054479&slotId=1669710027239.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44793912&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c61::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 174B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=5108620&message=vl&sdkv=h.3.583.1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 174B 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lkto1fg9&c=3339420054479&slotId=1669710027239.5&qqid=CNLR9ZX0vYADFb_tuwgdtHIBNw&fb=ima_html5-lima&sdkv=h.3.583.1&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c61::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 174B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=5108620&message=omo&sdkv=h.3.583.1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 174B 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CtB_f3ELKZNLzL7_b7_UPtOWFuAPr0sWTb9jTw8-JEb__uePXAhABIJmjzypglYKAgKwHoAHIx7XyAsgBBagDAcgDE5gEAKoEngJP0K0CzJS52GsX-cJ299NrAi8GiCEHG-zQwXW74mYQ7FaV-VevNb8df_A64rBAP5w_xoyMoxbrGR6bRCOOOJHbF6E-i7uG0g3YG0_N1cf5PhvkTdGL4_dqCxuuk7oJSAZ7LdsltfXLv5HG1SPdixYPpoAINwtfWmacClTp0rR85sLafwgwprqYxFNeCL60aaZvUAGppCqC_JlPobFwWhRO6UPsWSIy1rxhyErAyYVuxlrp9eBByZd9zMb-UL8Mwv72P5CHBlH4wwJbOuoD2MTRsiirPNXUG3Ryk3-UR_gBVUZBszKL42Grtoj23kyNWGXNuoaPGCXl-9_5bGOS5rUOfQUmLM5bErJCGMYYg9N6FQb3q6N85PneWC11Sj82wAS7tLi-3APgBAOQBgGgBk6AB6C4yo0BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAToqzZEdATANgTDIgUAtgUAdAVAfgWAYAXAQ&sigh=1bSq9ZI9TLk&label=vmap_ad_break_start&sdkv=h.3.583.1&vci=[CREATIVE_PLAYBACK]
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 174B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=5108620&message=oms&sdkv=h.3.583.1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 174B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CtB_f3ELKZNLzL7_b7_UPtOWFuAPr0sWTb9jTw8-JEb__uePXAhABIJmjzypglYKAgKwHoAHIx7XyAsgBBagDAcgDE5gEAKoEngJP0K0CzJS52GsX-cJ299NrAi8GiCEHG-zQwXW74mYQ7FaV-VevNb8df_A64rBAP5w_xoyMoxbrGR6bRCOOOJHbF6E-i7uG0g3YG0_N1cf5PhvkTdGL4_dqCxuuk7oJSAZ7LdsltfXLv5HG1SPdixYPpoAINwtfWmacClTp0rR85sLafwgwprqYxFNeCL60aaZvUAGppCqC_JlPobFwWhRO6UPsWSIy1rxhyErAyYVuxlrp9eBByZd9zMb-UL8Mwv72P5CHBlH4wwJbOuoD2MTRsiirPNXUG3Ryk3-UR_gBVUZBszKL42Grtoj23kyNWGXNuoaPGCXl-9_5bGOS5rUOfQUmLM5bErJCGMYYg9N6FQb3q6N85PneWC11Sj82wAS7tLi-3APgBAOQBgGgBk6AB6C4yo0BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAToqzZEdATANgTDIgUAtgUAdAVAfgWAYAXAQ&sigh=1bSq9ZI9TLk&label=show_ad&sdkv=h.3.583.1&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjM3NzE2NzM4ODkyQAAKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1NDQzNjcxMjEyCTE4MjY0MzY3NECxAVIyCOcHEA8lAAAgQSgBOgd1bmtub3duQgd1bmtub3duUABaEEt1OFJrNWUzZjdEM0NGSFAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 174B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=C_-ll3ELKZNLzL7_b7_UPtOWFuAPr0sWTb9jTw8-JEb__uePXAhABIJmjzypglYKAgKwHoAHIx7XyAsgBBagDAZgEAKoEmwJP0K0CzJS52GsX-cJ299NrAi8GiCEHG-zQwXW74mYQ7FaV-VevNb8df_A64rBAP5w_xoyMoxbrGR6bRCOOOJHbF6E-i7uG0g3YG0_N1cf5PhvkTdGL4_dqCxuuk7oJSAZ7LdsltfXLv5HG1SPdixYPpoAINwtfWmacClTp0rR85sLafwgwprqYxFNeCL60aaZvUAGppCqC_JlPobFwWhRO6UPsWSIy1rxhyErAyYVuxlrp9eBByZd9zMb-UL8Mwv72P5CHBlH4wwJbOuoD2MTRsiirPNXUG3Ryk3_MRmrPxtw8IYEXAQgWVPh1XCM92iJZF6cYnTjF8WPzRXs6dC9hzaXhBeBDkgP3OVGXIvlWDbdeUcrB8z7MpfI3wAS7tLi-3APgBAOIBa2Xp4s3kgUGCAMQAhgBkgUGCBsQARgBkgUKCCIQAxgDSJOWdpIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHoLjKjQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChD1wR8Yv5f52gHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBogwIKgYKBMOwsQKwE6Ks2RHIE5LIqgnQEwDYEwyIFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItNzYyNzY1MDA4Njg5NTU5MBjx5hM&sigh=dZawW4o8-Us&cmd=Ch1jYS12aWRlby1wdWItNDQ5MTY1OTQ5NjM3MjE3MhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&cid=CAQSPABpAlJWN8s0paJoZngBtRbYP8944K9i6Ipxn4J5dhEyPfjlBwoe9MV_Aimp16UIxup1l2aTub9p76UXthgB&vt=10&sdkv=h.3.583.1&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjM3NzE2NzM4ODkyQAAKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1NDQzNjcxMjEyCTE4MjY0MzY3NECxAVIyCOcHEA8lAAAgQSgBOgd1bmtub3duQgd1bmtub3duUABaEEt1OFJrNWUzZjdEM0NGSFAYAQ..
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 0EA1 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lkto1ere&c=3339420054479&slotId=1669710027239.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c61::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
29
r1---sn-4g5edns6.c.2mdn.net/videoplayback/id/13c8b8091c6a7d44/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813660949/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 0EA1
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/13c8b8091c6a7d44/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813660949/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r1---sn-4g5edns6.c.2mdn.net/videoplayback/id/13c8b8091c6a7d44/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813660949/sparams/acao,ctier,expire,id,ip,ipbits,ita...
1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5edns6.c.2mdn.net/videoplayback/id/13c8b8091c6a7d44/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813660949/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/17EA0A3D3D81D7E148C3F94B6DDDE75AEBFD4732.219DD696F120B1597C5AF488FD1766617D1D02CE/key/cms1/cms_redirect/yes/mh/qa/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edns6/ms/onc/mt/1690975879/mv/u/mvi/1/pl/29?cpn=Ku8Rk5e3f7D3CFHP&file=file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:6d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
a5b1a7254329f61b1a5354c14196b416544a5cf81d317850d0101386df23fb2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Wed, 02 Aug 2023 11:49:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 23 Nov 2022 14:15:03 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1498769/1498770
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1498770
Expires
Wed, 02 Aug 2023 11:49:49 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r1---sn-4g5edns6.c.2mdn.net/videoplayback/id/13c8b8091c6a7d44/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813660949/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/17EA0A3D3D81D7E148C3F94B6DDDE75AEBFD4732.219DD696F120B1597C5AF488FD1766617D1D02CE/key/cms1/cms_redirect/yes/mh/qa/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edns6/ms/onc/mt/1690975879/mv/u/mvi/1/pl/29?cpn=Ku8Rk5e3f7D3CFHP&file=file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
679
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
75cdc6ed9ad4d621b942d3f039cccc2
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 0D21
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/75cdc6ed9ad4d621b942d3f039cccc2?gdpr_consent=&gdpr=0
0
425 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/75cdc6ed9ad4d621b942d3f039cccc2?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f061988abb318ef-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 02 Aug 2023 11:49:49 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Wed, 02 Aug 2023 11:49:49 GMT
Expires
Wed, 02 Aug 2023 11:49:49 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/75cdc6ed9ad4d621b942d3f039cccc2?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1690976989440066-551
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.1.7/ 		123 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.1.7/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230731-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33a6bceccdad3831c446c41d3f3eccf4753b5646b9205cda82960bb4dcd2249a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 52185ea0de4fc3b9a693955c5e065bbe.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
CPH50-C2
age
106966
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
35439
x-served-by
cache-cph2320025-CPH
last-modified
Tue, 01 Aug 2023 06:05:58 GMT
server
AmazonS3
x-timer
S1690976989.387736,VS0,VE0
etag
"d79f8f745c3d1249268e49970ed0fc7f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
HNPdcd7VUuNCUJWrS_Dp05sfsm2QymAcLnyIrZCGTyAw-g-0HC3tGQ==
x-cache-hits
1900
feed-card-placeholder.20230731-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230731-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b034ecd1482f554009ac75629be1b505f2ec7a0e9b5d8d69ccfcbd03b11d9606

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
iPSnzFxdEHigaBX167L0mPoogRVSISGk
content-encoding
gzip
via
1.1 varnish
date
Wed, 02 Aug 2023 11:49:49 GMT
x-amz-request-id
SDSZQ22GY8ASXA54
age
4626
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1261
x-amz-id-2
4pRfSlPSO/+bkTFX9lYQXmFg+FO+NozXOligcudnTz8cy4kaGyVsuN4AkbM3FMLNPYGqsAPK0jU=
x-served-by
cache-cph2320025-CPH
last-modified
Wed, 02 Aug 2023 10:32:44 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690976989.383381,VS0,VE0
etag
"981d3ddc047ad8b7b970603766b42d25"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
63
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
166
userx.20230731-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230731-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
173c5232fc94635df462181cf6ffeeaecc0ce9604a65d33e64ecf1e28543d8f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
zEB4H61LUVOHgBcCo1gXhWB3MT6LCUUM
content-encoding
gzip
via
1.1 varnish
date
Wed, 02 Aug 2023 11:49:49 GMT
x-amz-request-id
57Y4468JP7VMXT7R
age
4594
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
nlXR93XpUrs1fAoFpwzuRe7kr5HzvlScTgtIOT/Zy4CZ45/ps12/1UjcxEH2C+sHylsWpxVFMwyUCctQJFZ6FA==
x-served-by
cache-cph2320025-CPH
last-modified
Wed, 02 Aug 2023 10:33:11 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690976989.393890,VS0,VE0
etag
"4633f109c0e362cb40c332c3e03c7e19"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
2
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
33
distance-from-article.20230731-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230731-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24011b4c797fe6c785e814b4ca1ab08109552ab9defeaae981e06163eb196bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
htupJN1TAoVhu.wtzrpUSZoWdncZxuyE
content-encoding
gzip
via
1.1 varnish
date
Wed, 02 Aug 2023 11:49:49 GMT
x-amz-request-id
2H16PC1QDKS4Q3ZV
age
4630
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
VBwSiLfAr3NKpUO+4Jnvmey4feKCjrho4jNwl2BXYBX6cmOHi7/qOfgN03Il53OEPXEVOSK2mww=
x-served-by
cache-cph2320025-CPH
last-modified
Wed, 02 Aug 2023 10:32:39 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690976989.394452,VS0,VE0
etag
"38262a77ac29a3d8422798ec47509b83"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
9
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
216
article-detection.20230731-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230731-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e02dd34b1017ee295f27243e309b54b618988cb0788bcc3acf49824b0ed6175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
cH8Z2KiAnA_CEkQEhi8mjg3chBUJi4XU
content-encoding
gzip
via
1.1 varnish
date
Wed, 02 Aug 2023 11:49:49 GMT
x-amz-request-id
ZQ7JTN9MFDKNV776
age
4637
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1270
x-amz-id-2
HzBHdjC02RYA4zxxVnQtABpoJefCA4b0rMWXTKYeYnUVJejeUXDgFsvoyahDjmlMsnCNjDzJERo=
x-served-by
cache-cph2320025-CPH
last-modified
Wed, 02 Aug 2023 10:32:32 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690976989.394793,VS0,VE0
etag
"bb42833ba8fd0dfde0c2c3076d001e2c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
72
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
191
abtests
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/abtests?route=AM:AM:V&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1690976989390%7D&tim=11%3A49%3A49.390&id=2813&llvl=2&ri=1c8173b82f0df245d6711eb505c6a8bf&sd=v2_31403e75a228f76fe9fa4dc4f83dcbf8_40abb326-6c0d-40b6-a0ad-5d4b31d68375-tuctbc3c85c_1690976988_1690976988_CIi3jgYQk-FcGOrb1LCbMSABKAEwODib4wlAhIoQSOut2QNQ____________AVgAYABowen75N2l19oVcAA&ui=40abb326-6c0d-40b6-a0ad-5d4b31d68375-tuctbc3c85c&pi=/&wi=2990753527669053458&pt=home&vi=1690976988650&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230731-6-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/abtests?route=AM:AM:V&lti=deflated&ri=1c8173b82f0df245d6711eb505c6a8bf&sd=v2_31403e75a228f76fe9fa4dc4f83dcbf8_40abb326-6c0d-40b6-a0ad-5d4b31d68375-tuctbc3c85c_1690976988_1690976988_CIi3jgYQk-FcGOrb1LCbMSABKAEwODib4wlAhIoQSOut2QNQ____________AVgAYABowen75N2l19oVcAA&ui=40abb326-6c0d-40b6-a0ad-5d4b31d68375-tuctbc3c85c&pi=/&wi=2990753527669053458&pt=home&vi=1690976988650&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1690976989371%7D&tim=11%3A49%3A49.372&id=2598&llvl=2&cv=20230731-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 174B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=5108620&message=ss&sdkv=h.3.583.1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 174B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=5108620&message=oml&sdkv=h.3.583.1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308010101&jk=994942117946805&bg=!ZGelZzPNAAZGOVy5Zjk7ADkAdvg8WkPW8zlJrFAgrknfyjz67jgkbfurNKoP_GoNeacnhITmx6j-94th9wUnS1ZpjpKHt0bzE_ECAAAAWlIAAAAJaAEHmQKubXBX-hmjgjUR3B2RKEmykq9AgnOMsCrEbVCfOtWb8cI3mQRrtDWYx-o9KGJ_xl0HcsrpSTTixg5Dkkr6_d2-zGWVAcNhZnZKZv2HZXEUUIDlJ-GgT0RKf_sUMCEhu6MnyN-ifi-SMhtPODX03P300RimcOsQ4lmFL6FKZ2049PHgeD7MjaQ4NK2xfABDjxwWdft_dXA3zLQ4jum74SM1TMr5mOs0YE7sPl1oUlaYBPLZyJFr8losjyGJhLFPnpqsOy-M_i9PrWULum5OWOUZzPNqZWFEZie44CX5BkhM6rwu669vBObVsOr64YSESnJJruMox67GaSFdJRQFkOEQr4u3MtSyFlJ7_9kHU3gqM-wdjnllFkoDbZTvPGw8A2Ew4gxzvIqN4FesxN5mm15AFb3VUn0JiDxhKzyhcuNS33sae8Ahx1I3pI8I8qlGkJTLlk-nN4lv188F-5C4YchigFYuktxXgvmyQaSqgl9KMOb2GAlWArfJaIzt8lrUqHeM-g6L0W-2WC29qSHXiHq6EVEVvdPGfimr01b7X98fs3adsUGz-3Rj4WUSfo_elG5aFSidc-9FKoaM61zi341ze-uPOhDXOky-mm2BCclelHdmxh1M0-aYs9EPZHyMlU1JP37BNuFCO83GaIEtuNjhDCeAWKzxJ5KOiasTnNhSlPiaHEUVwP1zTafp8vAXJ7H7qTD75IqlFpMQD-qYC_L51UKYLlvjh3BjlUrulOAs92FAZ0g-gKOtbVwtEmeL3iDlkRhRZmXG0Mkt8y8g5Bu_LcX6yDfLb6nU2xgebnylrQucp5SSXu79A-k2ztmHCx1ifTV9CIhvD_3wMw6oyR65rA7xzipmFMrMjoS1HYzDKtVCgmdMOJj_X-Mkt-igD5RHkL1fVQfpvP_gvEIoc1A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Wed, 02 Aug 2023 11:49:49 GMT
x-amz-request-id
5CXX336K5SW62MAE
age
108
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
DzTjJEhG8gb2wtUxxrur/jl0sVeuigKAhlRuMIVtcAghrAgLyQxDsfcl2zuRYwVmHzFifttcfnI=
x-served-by
cache-cph2320025-CPH
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690976989.424061,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
42
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
25
social
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/social?route=AM:AM:V&lti=deflated&ri=1c8173b82f0df245d6711eb505c6a8bf&sd=v2_31403e75a228f76fe9fa4dc4f83dcbf8_40abb326-6c0d-40b6-a0ad-5d4b31d68375-tuctbc3c85c_1690976988_1690976988_CIi3jgYQk-FcGOrb1LCbMSABKAEwODib4wlAhIoQSOut2QNQ____________AVgAYABowen75N2l19oVcAA&ui=40abb326-6c0d-40b6-a0ad-5d4b31d68375-tuctbc3c85c&pi=/&wi=2990753527669053458&pt=home&vi=1690976988650&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.walla.co.il%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%22%2C%22sec%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fimages.wcdn.co.il%2Ff_auto%2Cq_auto%2Cw_1200%2Ct_54%2F3%2F1%2F3%2F6%2F3136860-46.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=11%3A49%3A49.424&id=6632&llvl=2&cv=20230731-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
9e4e9cba07e81a09029a0d6a87ccb75b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e4e9cba07e81a09029a0d6a87ccb75b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
27a269fad52fb81fccb25485bf480f6d8bbbc641bdcdcf8cb1a77ec7677fda18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e4e9cba07e81a09029a0d6a87ccb75b.jpg
age
3214212
edge-cache-tag
312751848628826905265939403758272977423,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
312751848628826905265939403758272977423,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
94
expiration
expiry-date="Mon, 17 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://games.espn.com/
content-length
14578
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000087-IAD, cache-iad-kiad7000040-IAD, cache-chi-klot8100064-CHI, cache-iad-kjyo7100036-IAD, cache-cph2320025-CPH
last-modified
Fri, 16 Jun 2023 08:43:52 GMT
server
nginx
x-timer
S1690976989.460772,VS0,VE1
etag
"02e36be88840efae9919591b1f70d0a0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1979, 1
1306685519__WzQg8JOR.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1306685519__WzQg8JOR.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ca6863d16ef1aab9af8b4982cf5ac4cd13952cab01ef684ec9db53a62f1d981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
85
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1306685519__WzQg8JOR.jpg
age
1050074
edge-cache-tag
430928593540357712260853476547503447543,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
430928593540357712260853476547503447543,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time
38
req-referer
https://www.calcalistech.com/
content-length
4912
x-request-id
99381793e06f73beed01022c075823da
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100076-IAD, cache-iad-kjyo7100071-IAD, cache-chi-kigq8000150-CHI, cache-iad-kjyo7100063-IAD, cache-cph2320025-CPH
last-modified
Sun, 02 Jul 2023 20:04:16 GMT
server
nginx
x-timer
S1690976989.461169,VS0,VE85
etag
"b6d0bbb94f9efca5d758a304d04d33c0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 2, 0
4485dec1-0526-4f1e-8143-b0d7824b92ee__nFeFXRpV.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1535%2Cx_1%2Cy_80/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/ 		119 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1535%2Cx_1%2Cy_80/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/4485dec1-0526-4f1e-8143-b0d7824b92ee__nFeFXRpV.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
29f35c2c30f76a8a6cf5f079cef45f6316b5fefc26da8c1e128c49f537e50988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1535%2Cx_1%2Cy_80/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/4485dec1-0526-4f1e-8143-b0d7824b92ee__nFeFXRpV.jpg
age
532178
edge-cache-tag
574293652535528156189454570587581022096,494097600193741159475367772513882090712,29ecf9b93bbf306179626feeda1fab70
cache-tag
574293652535528156189454570587581022096,494097600193741159475367772513882090712,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT
expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length
122264
x-backend-name
CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by
cache-iad-kcgs7200178-IAD, cache-iad-kiad7000072-IAD, cache-cph2320025-CPH
last-modified
Wed, 12 Jul 2023 08:11:51 GMT
server
cloudinary
x-timer
S1690976989.461291,VS0,VE0
etag
"6c1b0dd974301de4a4353679d66ffbff"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 54
e6b85c1d5af30e2e06b276a608b30bf1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e6b85c1d5af30e2e06b276a608b30bf1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
284a7c8583cb60bb8fc9d3d599f916c1634ece2b93f135777a490359fda2018f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e6b85c1d5af30e2e06b276a608b30bf1.png
age
1735541
edge-cache-tag
485021311748238369119660471792631892163,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
485021311748238369119660471792631892163,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
79
req-referer
https://www.consiglietrucchi.com/
content-length
15258
x-request-id
f0bad655b70525271176a4e1f20bb2ed
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000142-IAD, cache-iad-kiad7000052-IAD, cache-lax10665-LGB, cache-iad-kiad7000128-IAD, cache-cph2320025-CPH
last-modified
Thu, 13 Jul 2023 08:42:11 GMT
server
nginx
x-timer
S1690976989.461163,VS0,VE1
etag
"21132cb8e38e646fc0a8db7266328015"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 21, 1
v1
match.sharethrough.com/universal/ Frame AACE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.130.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-130-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 02 Aug 2023 11:49:49 GMT
81b0729bada37132dbbc2f3157781bf8.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81b0729bada37132dbbc2f3157781bf8.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5e5278ced9ec4bd5255603ee5dabfd6f7100ef1aea082e72bf11cecadb2bf6d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
84
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81b0729bada37132dbbc2f3157781bf8.jpeg
age
1285980
edge-cache-tag
357954298713990155053928992510195782714,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
357954298713990155053928992510195782714,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time
276
expiration
expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://ensiforex.com/in-2022-the-economy-is-expected-to-return-to-normal/
content-length
28454
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000108-IAD, cache-iad-kiad7000079-IAD, cache-sna10730-LGB, cache-iad-kiad7000138-IAD, cache-cph2320025-CPH
last-modified
Mon, 17 Jul 2023 19:03:22 GMT
server
nginx
x-timer
S1690976989.461305,VS0,VE84
etag
"0c8732d2ad9c7c23e568507fe7c46d49"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 19, 0
65ec30621fd3d13e0e9b8c7ceddadb83.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/65ec30621fd3d13e0e9b8c7ceddadb83.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
64e07ecaecc267e1549ba93f92ac4c1220bb2f4b14919a02bce60e8dcdcaad66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/65ec30621fd3d13e0e9b8c7ceddadb83.jpg
age
786915
edge-cache-tag
502119713255400533776074291396086777426,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
502119713255400533776074291396086777426,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
519
req-referer
https://www.reviersport.de/
content-length
6888
x-request-id
2eda33d02b8565c07a5580685d0b6c73
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200083-IAD, cache-iad-kcgs7200048-IAD, cache-chi-klot8100129-CHI, cache-iad-kjyo7100084-IAD, cache-cph2320025-CPH
last-modified
Mon, 26 Jun 2023 09:05:56 GMT
server
nginx
x-timer
S1690976989.461144,VS0,VE1
etag
"6c750f2052a4068442d8d47b371adb63"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 16, 1
fca6bdccdd8f474b36eac11a2909c3d2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fca6bdccdd8f474b36eac11a2909c3d2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f0b06901c61425209523bc5929df4871248ce6d83bba4d9052917f8b3b586a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fca6bdccdd8f474b36eac11a2909c3d2.jpg
age
1289469
edge-cache-tag
607736366233901464753749305491352383253,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
607736366233901464753749305491352383253,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
132
expiration
expiry-date="Fri, 11 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.androidkosmos.de/
content-length
16790
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200087-IAD, cache-iad-kiad7000028-IAD, cache-lax10624-LGB, cache-iad-kiad7000107-IAD, cache-cph2320025-CPH
last-modified
Tue, 11 Jul 2023 11:11:20 GMT
server
nginx
x-timer
S1690976990.500226,VS0,VE1
etag
"c22a7f9cc53c92c40513997b11e538f4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 4, 1
8408b6ab-89c8-4056-ade4-ef0f108c0887__JqdavIq3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8408b6ab-89c8-4056-ade4-ef0f108c0887__JqdavIq3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bdc3d1c49a5861451ccc309d7bc2510c30463ca0a32471b4d988274b391d5a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8408b6ab-89c8-4056-ade4-ef0f108c0887__JqdavIq3.jpg
age
3194743
edge-cache-tag
363816907600256943450206783683725864407,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
363816907600256943450206783683725864407,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
66
req-referer
https://www.kicker.de/
content-length
2888
x-request-id
e5519afa0a24451b1487aee3a7b12ae8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100110-IAD, cache-iad-kcgs7200137-IAD, cache-lga21935-LGA, cache-iad-kcgs7200164-IAD, cache-cph2320025-CPH
last-modified
Fri, 23 Jun 2023 03:27:54 GMT
server
nginx
x-timer
S1690976990.500290,VS0,VE1
etag
"6b9395a7e226c26c5c34e61f6b05f4d2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 168, 1
3568605-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/6/8/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/6/8/3568605-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d81e26c91ec4bba312b39dc1eb8c1b7c09a4e5d1430b09f96fcab55002662bd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/6/8/3568605-46.jpg
age
2001059
edge-cache-tag
379951302639720503950118435743643784254,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
379951302639720503950118435743643784254,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
82
req-referer
https://help.walla.co.il/
content-length
12708
x-request-id
4bfba9d2738224af62749756f38208cf
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200154-IAD, cache-iad-kcgs7200141-IAD, cache-lga21925-LGA, cache-iad-kiad7000055-IAD, cache-cph2320025-CPH
last-modified
Mon, 10 Jul 2023 07:56:49 GMT
server
nginx
x-timer
S1690976990.515700,VS0,VE1
etag
"b8d220c0f868d24e07e95b14289e9a14"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 38, 1
3371057-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/3/7/1/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/3/7/1/3371057-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
20eefda5e8fdfa079f96d95aa209ad655ec7025054be4c5d5157d9873e2cc29e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/3/7/1/3371057-46.jpg
age
3277840
edge-cache-tag
588321840535500269142707029650274104581,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
588321840535500269142707029650274104581,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
191
expiration
expiry-date="Sun, 16 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.walla.co.il/
content-length
23798
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000139-IAD, cache-iad-kcgs7200176-IAD, cache-lga21968-LGA, cache-iad-kiad7000117-IAD, cache-cph2320025-CPH
last-modified
Thu, 15 Jun 2023 11:29:26 GMT
server
nginx
x-timer
S1690976990.515986,VS0,VE1
etag
"0a78de8d806512706443bf4d90bd66f6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 40, 1
7a67808f-2f8c-4a8b-88db-19c9a30f2731__PRKQE0wY.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/7a67808f-2f8c-4a8b-88db-19c9a30f2731__PRKQE0wY.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
15288727a5b8d5400bad2146718c4e7900437d89971e8920028a6a1d9ec3255d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/7a67808f-2f8c-4a8b-88db-19c9a30f2731__PRKQE0wY.jpg
age
1383631
edge-cache-tag
307461846145892134613555482002104759103,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
307461846145892134613555482002104759103,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
53
expiration
expiry-date="Fri, 28 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.klack.de/
content-length
22070
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200151-IAD, cache-iad-kcgs7200113-IAD, cache-chi-klot8100028-CHI, cache-iad-kcgs7200134-IAD, cache-cph2320025-CPH
last-modified
Tue, 27 Jun 2023 03:24:59 GMT
server
nginx
x-timer
S1690976990.539109,VS0,VE1
etag
"aa501355bef1095b9d9e1d8bad15a63f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 86, 1
e0b03a2f580a26f9302a84c8baf1ebe8.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e0b03a2f580a26f9302a84c8baf1ebe8.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fbdd8e926fe49830d07f3459d33fb838cf15d4e902ce088ccf8510305cb01ec8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e0b03a2f580a26f9302a84c8baf1ebe8.png
age
601863
edge-cache-tag
455069062593113622639845795772584133798,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
455069062593113622639845795772584133798,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
390
req-referer
https://www.pronews.gr/
content-length
11200
x-request-id
c06e481d3b121a843446eb2400896844
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200090-IAD, cache-iad-kiad7000115-IAD, cache-sna10726-LGB, cache-iad-kiad7000030-IAD, cache-cph2320025-CPH
last-modified
Wed, 26 Jul 2023 10:45:33 GMT
server
nginx
x-timer
S1690976990.539368,VS0,VE1
etag
"c77d6e13ce2077618b7553233ae4b05a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 7, 1
c43c7e3d6e7c54f0c907147b57c3884f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c43c7e3d6e7c54f0c907147b57c3884f.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3499b57abade421fe89bc1736b5161b643ed4b1e1f5819a8d07d9627a392cd86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c43c7e3d6e7c54f0c907147b57c3884f.png
age
1224232
edge-cache-tag
481381870884026878088836615086897886743,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
481381870884026878088836615086897886743,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
57
expiration
expiry-date="Sun, 30 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.watson.de/
content-length
8632
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000133-IAD, cache-iad-kjyo7100063-IAD, cache-lga21944-LGA, cache-iad-kiad7000158-IAD, cache-cph2320025-CPH
last-modified
Thu, 29 Jun 2023 10:11:12 GMT
server
nginx
x-timer
S1690976990.553198,VS0,VE1
etag
"f403684d02a3280a50681c3ce5ef7f98"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 3, 1
8f6c90d4-4f84-4994-a65d-47d8deed6ac7__QNaiJ9uR.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8f6c90d4-4f84-4994-a65d-47d8deed6ac7__QNaiJ9uR.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8b929999ca3ae00acd708904b7d18257d6454d641777c670ad7f7a4e4f3d8c25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
85
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8f6c90d4-4f84-4994-a65d-47d8deed6ac7__QNaiJ9uR.jpg
age
68775
edge-cache-tag
311228645118776947664662370180193740941,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
cache-tag
311228645118776947664662370180193740941,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
597
req-referer
https://art-news.space/2023/architecture/former-landfill-to-become-regenerative-urban-park/
content-length
11788
x-request-id
7d94f2bde6c465112c3c01d427a6bfa3
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200083-IAD, cache-iad-kjyo7100105-IAD, cache-chi-kigq8000148-CHI, cache-iad-kiad7000138-IAD, cache-cph2320025-CPH
last-modified
Tue, 01 Aug 2023 07:47:42 GMT
server
nginx
x-timer
S1690976990.555554,VS0,VE85
etag
"d99a53d562f2f22851c69d560bf0db6e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 7, 0
smw888.gif
us.ck-ie.com/ Frame A963 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 02 Aug 2023 11:49:49 GMT
Server
nginx
debug
am-trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/2/debug?tim=11%3A49%3A49.493&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=3286&cv=20230731-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
26984
supply-feature
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=1c8173b82f0df245d6711eb505c6a8bf&sd=v2_31403e75a228f76fe9fa4dc4f83dcbf8_40abb326-6c0d-40b6-a0ad-5d4b31d68375-tuctbc3c85c_1690976988_1690976988_CIi3jgYQk-FcGOrb1LCbMSABKAEwODib4wlAhIoQSOut2QNQ____________AVgAYABowen75N2l19oVcAA&ui=40abb326-6c0d-40b6-a0ad-5d4b31d68375-tuctbc3c85c&pi=/&wi=2990753527669053458&pt=home&vi=1690976988650&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22114.28125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A49%3A49.521&id=8612&llvl=2&cv=20230731-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
9e4e9cba07e81a09029a0d6a87ccb75b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e4e9cba07e81a09029a0d6a87ccb75b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
27a269fad52fb81fccb25485bf480f6d8bbbc641bdcdcf8cb1a77ec7677fda18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e4e9cba07e81a09029a0d6a87ccb75b.jpg
age
3214212
edge-cache-tag
312751848628826905265939403758272977423,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
312751848628826905265939403758272977423,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
94
expiration
expiry-date="Mon, 17 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://games.espn.com/
content-length
14578
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000087-IAD, cache-iad-kiad7000040-IAD, cache-chi-klot8100064-CHI, cache-iad-kjyo7100036-IAD, cache-cph2320025-CPH
last-modified
Fri, 16 Jun 2023 08:43:52 GMT
server
nginx
x-timer
S1690976990.577356,VS0,VE0
etag
"02e36be88840efae9919591b1f70d0a0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1979, 2
4485dec1-0526-4f1e-8143-b0d7824b92ee__nFeFXRpV.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1535%2Cx_1%2Cy_80/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/ 		119 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1535%2Cx_1%2Cy_80/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/4485dec1-0526-4f1e-8143-b0d7824b92ee__nFeFXRpV.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
29f35c2c30f76a8a6cf5f079cef45f6316b5fefc26da8c1e128c49f537e50988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1535%2Cx_1%2Cy_80/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/4485dec1-0526-4f1e-8143-b0d7824b92ee__nFeFXRpV.jpg
age
532178
edge-cache-tag
574293652535528156189454570587581022096,494097600193741159475367772513882090712,29ecf9b93bbf306179626feeda1fab70
cache-tag
574293652535528156189454570587581022096,494097600193741159475367772513882090712,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT
expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length
122264
x-backend-name
CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by
cache-iad-kcgs7200178-IAD, cache-iad-kiad7000072-IAD, cache-cph2320025-CPH
last-modified
Wed, 12 Jul 2023 08:11:51 GMT
server
cloudinary
x-timer
S1690976990.579337,VS0,VE0
etag
"6c1b0dd974301de4a4353679d66ffbff"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 55
e6b85c1d5af30e2e06b276a608b30bf1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e6b85c1d5af30e2e06b276a608b30bf1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
284a7c8583cb60bb8fc9d3d599f916c1634ece2b93f135777a490359fda2018f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e6b85c1d5af30e2e06b276a608b30bf1.png
age
1735541
edge-cache-tag
485021311748238369119660471792631892163,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
485021311748238369119660471792631892163,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
79
req-referer
https://www.consiglietrucchi.com/
content-length
15258
x-request-id
f0bad655b70525271176a4e1f20bb2ed
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000142-IAD, cache-iad-kiad7000052-IAD, cache-lax10665-LGB, cache-iad-kiad7000128-IAD, cache-cph2320025-CPH
last-modified
Thu, 13 Jul 2023 08:42:11 GMT
server
nginx
x-timer
S1690976990.583019,VS0,VE0
etag
"21132cb8e38e646fc0a8db7266328015"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 21, 2
65ec30621fd3d13e0e9b8c7ceddadb83.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/65ec30621fd3d13e0e9b8c7ceddadb83.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
64e07ecaecc267e1549ba93f92ac4c1220bb2f4b14919a02bce60e8dcdcaad66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/65ec30621fd3d13e0e9b8c7ceddadb83.jpg
age
786915
edge-cache-tag
502119713255400533776074291396086777426,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
502119713255400533776074291396086777426,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
519
req-referer
https://www.reviersport.de/
content-length
6888
x-request-id
2eda33d02b8565c07a5580685d0b6c73
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200083-IAD, cache-iad-kcgs7200048-IAD, cache-chi-klot8100129-CHI, cache-iad-kjyo7100084-IAD, cache-cph2320025-CPH
last-modified
Mon, 26 Jun 2023 09:05:56 GMT
server
nginx
x-timer
S1690976990.583934,VS0,VE0
etag
"6c750f2052a4068442d8d47b371adb63"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 16, 2
fca6bdccdd8f474b36eac11a2909c3d2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fca6bdccdd8f474b36eac11a2909c3d2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f0b06901c61425209523bc5929df4871248ce6d83bba4d9052917f8b3b586a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fca6bdccdd8f474b36eac11a2909c3d2.jpg
age
1289469
edge-cache-tag
607736366233901464753749305491352383253,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
607736366233901464753749305491352383253,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
132
expiration
expiry-date="Fri, 11 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.androidkosmos.de/
content-length
16790
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200087-IAD, cache-iad-kiad7000028-IAD, cache-lax10624-LGB, cache-iad-kiad7000107-IAD, cache-cph2320025-CPH
last-modified
Tue, 11 Jul 2023 11:11:20 GMT
server
nginx
x-timer
S1690976990.591108,VS0,VE0
etag
"c22a7f9cc53c92c40513997b11e538f4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 4, 2
8408b6ab-89c8-4056-ade4-ef0f108c0887__JqdavIq3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8408b6ab-89c8-4056-ade4-ef0f108c0887__JqdavIq3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bdc3d1c49a5861451ccc309d7bc2510c30463ca0a32471b4d988274b391d5a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8408b6ab-89c8-4056-ade4-ef0f108c0887__JqdavIq3.jpg
age
3194743
edge-cache-tag
363816907600256943450206783683725864407,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
363816907600256943450206783683725864407,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
66
req-referer
https://www.kicker.de/
content-length
2888
x-request-id
e5519afa0a24451b1487aee3a7b12ae8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100110-IAD, cache-iad-kcgs7200137-IAD, cache-lga21935-LGA, cache-iad-kcgs7200164-IAD, cache-cph2320025-CPH
last-modified
Fri, 23 Jun 2023 03:27:54 GMT
server
nginx
x-timer
S1690976990.615135,VS0,VE0
etag
"6b9395a7e226c26c5c34e61f6b05f4d2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 168, 2
3568605-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/6/8/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/6/8/3568605-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d81e26c91ec4bba312b39dc1eb8c1b7c09a4e5d1430b09f96fcab55002662bd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/6/8/3568605-46.jpg
age
2001059
edge-cache-tag
379951302639720503950118435743643784254,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
379951302639720503950118435743643784254,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
82
req-referer
https://help.walla.co.il/
content-length
12708
x-request-id
4bfba9d2738224af62749756f38208cf
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200154-IAD, cache-iad-kcgs7200141-IAD, cache-lga21925-LGA, cache-iad-kiad7000055-IAD, cache-cph2320025-CPH
last-modified
Mon, 10 Jul 2023 07:56:49 GMT
server
nginx
x-timer
S1690976990.626955,VS0,VE0
etag
"b8d220c0f868d24e07e95b14289e9a14"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 38, 2
3371057-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/3/7/1/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/3/7/1/3371057-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
20eefda5e8fdfa079f96d95aa209ad655ec7025054be4c5d5157d9873e2cc29e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/3/7/1/3371057-46.jpg
age
3277840
edge-cache-tag
588321840535500269142707029650274104581,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
588321840535500269142707029650274104581,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
191
expiration
expiry-date="Sun, 16 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.walla.co.il/
content-length
23798
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000139-IAD, cache-iad-kcgs7200176-IAD, cache-lga21968-LGA, cache-iad-kiad7000117-IAD, cache-cph2320025-CPH
last-modified
Thu, 15 Jun 2023 11:29:26 GMT
server
nginx
x-timer
S1690976990.628756,VS0,VE0
etag
"0a78de8d806512706443bf4d90bd66f6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 40, 2
7a67808f-2f8c-4a8b-88db-19c9a30f2731__PRKQE0wY.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/7a67808f-2f8c-4a8b-88db-19c9a30f2731__PRKQE0wY.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
15288727a5b8d5400bad2146718c4e7900437d89971e8920028a6a1d9ec3255d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/7a67808f-2f8c-4a8b-88db-19c9a30f2731__PRKQE0wY.jpg
age
1383631
edge-cache-tag
307461846145892134613555482002104759103,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
307461846145892134613555482002104759103,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
53
expiration
expiry-date="Fri, 28 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.klack.de/
content-length
22070
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200151-IAD, cache-iad-kcgs7200113-IAD, cache-chi-klot8100028-CHI, cache-iad-kcgs7200134-IAD, cache-cph2320025-CPH
last-modified
Tue, 27 Jun 2023 03:24:59 GMT
server
nginx
x-timer
S1690976990.629102,VS0,VE0
etag
"aa501355bef1095b9d9e1d8bad15a63f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 86, 2
e0b03a2f580a26f9302a84c8baf1ebe8.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e0b03a2f580a26f9302a84c8baf1ebe8.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fbdd8e926fe49830d07f3459d33fb838cf15d4e902ce088ccf8510305cb01ec8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e0b03a2f580a26f9302a84c8baf1ebe8.png
age
601863
edge-cache-tag
455069062593113622639845795772584133798,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
455069062593113622639845795772584133798,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
390
req-referer
https://www.pronews.gr/
content-length
11200
x-request-id
c06e481d3b121a843446eb2400896844
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200090-IAD, cache-iad-kiad7000115-IAD, cache-sna10726-LGB, cache-iad-kiad7000030-IAD, cache-cph2320025-CPH
last-modified
Wed, 26 Jul 2023 10:45:33 GMT
server
nginx
x-timer
S1690976990.630200,VS0,VE0
etag
"c77d6e13ce2077618b7553233ae4b05a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 7, 2
1306685519__WzQg8JOR.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1306685519__WzQg8JOR.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ca6863d16ef1aab9af8b4982cf5ac4cd13952cab01ef684ec9db53a62f1d981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1306685519__WzQg8JOR.jpg
age
1050074
edge-cache-tag
430928593540357712260853476547503447543,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
430928593540357712260853476547503447543,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
38
req-referer
https://www.calcalistech.com/
content-length
4912
x-request-id
99381793e06f73beed01022c075823da
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100076-IAD, cache-iad-kjyo7100071-IAD, cache-chi-kigq8000150-CHI, cache-iad-kjyo7100063-IAD, cache-cph2320025-CPH
last-modified
Sun, 02 Jul 2023 20:04:16 GMT
server
nginx
x-timer
S1690976990.650792,VS0,VE0
etag
"b6d0bbb94f9efca5d758a304d04d33c0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 2, 1
81b0729bada37132dbbc2f3157781bf8.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81b0729bada37132dbbc2f3157781bf8.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5e5278ced9ec4bd5255603ee5dabfd6f7100ef1aea082e72bf11cecadb2bf6d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81b0729bada37132dbbc2f3157781bf8.jpeg
age
1285980
edge-cache-tag
357954298713990155053928992510195782714,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
357954298713990155053928992510195782714,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
276
expiration
expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://ensiforex.com/in-2022-the-economy-is-expected-to-return-to-normal/
content-length
28454
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000108-IAD, cache-iad-kiad7000079-IAD, cache-sna10730-LGB, cache-iad-kiad7000138-IAD, cache-cph2320025-CPH
last-modified
Mon, 17 Jul 2023 19:03:22 GMT
server
nginx
x-timer
S1690976990.663842,VS0,VE0
etag
"0c8732d2ad9c7c23e568507fe7c46d49"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 19, 1
c43c7e3d6e7c54f0c907147b57c3884f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c43c7e3d6e7c54f0c907147b57c3884f.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3499b57abade421fe89bc1736b5161b643ed4b1e1f5819a8d07d9627a392cd86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c43c7e3d6e7c54f0c907147b57c3884f.png
age
1224232
edge-cache-tag
481381870884026878088836615086897886743,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
481381870884026878088836615086897886743,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
57
expiration
expiry-date="Sun, 30 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.watson.de/
content-length
8632
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000133-IAD, cache-iad-kjyo7100063-IAD, cache-lga21944-LGA, cache-iad-kiad7000158-IAD, cache-cph2320025-CPH
last-modified
Thu, 29 Jun 2023 10:11:12 GMT
server
nginx
x-timer
S1690976990.665699,VS0,VE0
etag
"f403684d02a3280a50681c3ce5ef7f98"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 3, 2
csi
csi.gstatic.com/ Frame 174B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lkto1fgc&c=3339420054479&slotId=1669710027239.5&qqid=CNLR9ZX0vYADFb_tuwgdtHIBNw&fb=ima_html5-lima&sdkv=h.3.583.1&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&gpm_i=12&gpm_c=12&gpm_a=11&smb=1000&br=999&mt=video%2Fmp4&vs=960x540&ua_e=1&webm=0&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=692&vsrc=web_video_ads&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c61::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8f6c90d4-4f84-4994-a65d-47d8deed6ac7__QNaiJ9uR.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8f6c90d4-4f84-4994-a65d-47d8deed6ac7__QNaiJ9uR.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8b929999ca3ae00acd708904b7d18257d6454d641777c670ad7f7a4e4f3d8c25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 02 Aug 2023 11:49:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/8f6c90d4-4f84-4994-a65d-47d8deed6ac7__QNaiJ9uR.jpg
age
68775
edge-cache-tag
311228645118776947664662370180193740941,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
cache-tag
311228645118776947664662370180193740941,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
597
req-referer
https://art-news.space/2023/architecture/former-landfill-to-become-regenerative-urban-park/
content-length
11788
x-request-id
7d94f2bde6c465112c3c01d427a6bfa3
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200083-IAD, cache-iad-kjyo7100105-IAD, cache-chi-kigq8000148-CHI, cache-iad-kiad7000138-IAD, cache-cph2320025-CPH
last-modified
Tue, 01 Aug 2023 07:47:42 GMT
server
nginx
x-timer
S1690976990.684542,VS0,VE0
etag
"d99a53d562f2f22851c69d560bf0db6e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 7, 1
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 174B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CtB_f3ELKZNLzL7_b7_UPtOWFuAPr0sWTb9jTw8-JEb__uePXAhABIJmjzypglYKAgKwHoAHIx7XyAsgBBagDAcgDE5gEAKoEngJP0K0CzJS52GsX-cJ299NrAi8GiCEHG-zQwXW74mYQ7FaV-VevNb8df_A64rBAP5w_xoyMoxbrGR6bRCOOOJHbF6E-i7uG0g3YG0_N1cf5PhvkTdGL4_dqCxuuk7oJSAZ7LdsltfXLv5HG1SPdixYPpoAINwtfWmacClTp0rR85sLafwgwprqYxFNeCL60aaZvUAGppCqC_JlPobFwWhRO6UPsWSIy1rxhyErAyYVuxlrp9eBByZd9zMb-UL8Mwv72P5CHBlH4wwJbOuoD2MTRsiirPNXUG3Ryk3-UR_gBVUZBszKL42Grtoj23kyNWGXNuoaPGCXl-9_5bGOS5rUOfQUmLM5bErJCGMYYg9N6FQb3q6N85PneWC11Sj82wAS7tLi-3APgBAOQBgGgBk6AB6C4yo0BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAToqzZEdATANgTDIgUAtgUAdAVAfgWAYAXAQ&sigh=1bSq9ZI9TLk&label=video_ad_loaded&sdkv=h.3.583.1&vci=CkUIAhoLQWRTZW5zZS9BZFggAyoMNjM3NzE2NzM4ODkyQABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KigEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gAyoJNTQ0MzY3MTIxMgkxODI2NDM2NzRAsQFSMgjnBxAPJQAAIEEoAToHdW5rbm93bkIHdW5rbm93blAAWhBLdThSazVlM2Y3RDNDRkhQWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 174B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=5108620&message=i&sdkv=h.3.583.1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 174B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 06:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
365055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 06:25:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 174B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=5108620&message=ps&sdkv=h.3.583.1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 174B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 174B 		0
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssD1iiN_GHrqLwkDbdzYsFlN0qRq9GY-og6VSQGshz0EzjrQfy-Yz8MWBxYtdFO3aAHx5UCP4dLsChOrnx4BFY54XK6gBObeYmEFk-DC8fU0vspFrPWo5EzlbCNAMqw18Iy7a-YixivaUb-W1Fb8Ac6QkRN7fJ4ww7jicbxpprr3ssLrqoGaQpTjMonoKwBvAcNWaBRdbDsNLHQvWqE60xTELU6NYAkLCOE-yFj6oWV4KBXdGozhw8lU5Uudu8bXTg4CtUgxpDhnq2ig8shFKiN38uwP_LHnY8hSPlLuS8j57ir6UQHRfm3fS_jyfgY2NTZG1-i1X65wmjiEKs-5Z7oG2FtAniADP8x3y9wdNjfUEC8IUHegKE6yW2U7-CfLmsH3llRyil39xnmfE073uY76k0z_bI_BEWcPS0-FzZIq9NRxF-dU2n5gIYCjczAn92fFZ87Eeh5Chx4cQTnUg-hmQBswKOI5HKbIwxlz2CsCS89D5oGefVeUA4QbpTBW_toO1k7RDumB6f-Wxe9mO7SS4kTuCuanBSRH9LQmMW72Vt06eJdS_VWL-0bTy-YZHi-HgOTSnFFcVqVFwrCqdMpby3J17iTIl5rbNCUlP-aZa80iHDKJUagpmPb88mP9DNhS8oIz5bh_BjAH4XQ2V9AjJJnPdahNf35uT7gDTMBrE8yeIuZlKsuN47Jm53FazZF-XL12JUIl6JpHuwXvSg0lBuIooot_XK_Z_7XKmuGnWP_-zDOIhla4T4WZSomLsPo3Cawrg99ga5_aTyLScls7TfyvoVR5cyYeYXcVMiW5Pd4eHymTJBJ7myRqJPmWIjU8IfLi0oM1ACnKNZu_auW_vx2pcM2o_j_va4QjH2-ygOCv-yzizBgxTuzsEMD4d9CeVh57-s4BAb6eRAsIUPCBscTcZrHKmH_Ay686zvSUmUZYvESk6vMWd9OazEtu3lW3U9HI0wekB2qbMlISr_2QD3yirSMmCThkev--hYCa2H4ebvYAPd4cwYyximTjSDwrTcHEdjkwTGqYYffmhQOCerVorGtay9omoCP0H1bvuuX2vhhYT_oWcgdldu6GvM3teCBf9qqf5KEtqVv5PlwsNcGwiF0PuI_QxwDU69qCaHEzRum2VrhRZJ8ksJ9X-aLWxNG-5BsUs6adVzGsRRHN3Xt0Yk9jJt6zsL05iZ-qrGPlJ_5SznNwzYZo5vgiOD7v2Qkpu_KROMhSFEwYZz7KVtKsUG838ArsmO3wjbLAMsPrY3fEhNZWh-UIjgxUiNgFqsmkIPkGAjSW_KzVGo_FV7bdWM0vbbLRtPZQh-Rn5q0jJBY3KS9LgSC&sai=AMfl-YTlDopxgrGpIzy9agBcnbOeF_0tTuzynDdkrV-qLDARKiPjZM6axngMP9xFmQ_Bs1xiSitFHo4zGNQE4FMEEGu287yEublcvtBAi-lTOOdSCpUkxrxy-gLRsR4ZuFGpFICfxC6JtTRbn9CF8woIW-H2kUMXoeoB8hHqxIgSvvAmDnpiMu5tSvsQllPphWM1kCaDgrVc4WnOQYBfZiMP8ONjgDXAWyCdurAg-FbasSZQVZESsh117AwxqDQIqN6xWLUk6Y0&sig=Cg0ArKJSzMhEefbDePMqEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.583.1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 174B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi_l_naASABMAE&v=APEucNUN3sQOWy03fwarwFqlm3xrN1nXTn2-Jp-0Z5J9AoYEIsJ1rUf-ZWYkJzQ1PrlYhi86R1OQK4RhSCHhzSS-1kr5P4xvJQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 174B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CtB_f3ELKZNLzL7_b7_UPtOWFuAPr0sWTb9jTw8-JEb__uePXAhABIJmjzypglYKAgKwHoAHIx7XyAsgBBagDAcgDE5gEAKoEngJP0K0CzJS52GsX-cJ299NrAi8GiCEHG-zQwXW74mYQ7FaV-VevNb8df_A64rBAP5w_xoyMoxbrGR6bRCOOOJHbF6E-i7uG0g3YG0_N1cf5PhvkTdGL4_dqCxuuk7oJSAZ7LdsltfXLv5HG1SPdixYPpoAINwtfWmacClTp0rR85sLafwgwprqYxFNeCL60aaZvUAGppCqC_JlPobFwWhRO6UPsWSIy1rxhyErAyYVuxlrp9eBByZd9zMb-UL8Mwv72P5CHBlH4wwJbOuoD2MTRsiirPNXUG3Ryk3-UR_gBVUZBszKL42Grtoj23kyNWGXNuoaPGCXl-9_5bGOS5rUOfQUmLM5bErJCGMYYg9N6FQb3q6N85PneWC11Sj82wAS7tLi-3APgBAOQBgGgBk6AB6C4yo0BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAToqzZEdATANgTDIgUAtgUAdAVAfgWAYAXAQ&sigh=1bSq9ZI9TLk&label=vast_creativeview&ad_mt=0&sdkv=h.3.583.1&vci=CkUIAhoLQWRTZW5zZS9BZFggAyoMNjM3NzE2NzM4ODkyQABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gAyoJNTQ0MzY3MTIxMgkxODI2NDM2NzRAsQFSNQjnBxAPJQAAIEEoAToHdW5rbm93bkIHdW5rbm93bkjqAlAAWhBLdThSazVlM2Y3RDNDRkhQWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIyL2SlvS9gAMV0UcdCR3EEg8OEAAYACDa14tXQhMI0tH1lfS9gAMVv-27CB20cgE3;met=1;ecn1=1;etm1=0;eid1=11;
ade.googlesyndication.com/ddm/activity/ Frame 174B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyL2SlvS9gAMV0UcdCR3EEg8OEAAYACDa14tXQhMI0tH1lfS9gAMVv-27CB20cgE3;met=1;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 174B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CtB_f3ELKZNLzL7_b7_UPtOWFuAPr0sWTb9jTw8-JEb__uePXAhABIJmjzypglYKAgKwHoAHIx7XyAsgBBagDAcgDE5gEAKoEngJP0K0CzJS52GsX-cJ299NrAi8GiCEHG-zQwXW74mYQ7FaV-VevNb8df_A64rBAP5w_xoyMoxbrGR6bRCOOOJHbF6E-i7uG0g3YG0_N1cf5PhvkTdGL4_dqCxuuk7oJSAZ7LdsltfXLv5HG1SPdixYPpoAINwtfWmacClTp0rR85sLafwgwprqYxFNeCL60aaZvUAGppCqC_JlPobFwWhRO6UPsWSIy1rxhyErAyYVuxlrp9eBByZd9zMb-UL8Mwv72P5CHBlH4wwJbOuoD2MTRsiirPNXUG3Ryk3-UR_gBVUZBszKL42Grtoj23kyNWGXNuoaPGCXl-9_5bGOS5rUOfQUmLM5bErJCGMYYg9N6FQb3q6N85PneWC11Sj82wAS7tLi-3APgBAOQBgGgBk6AB6C4yo0BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAToqzZEdATANgTDIgUAtgUAdAVAfgWAYAXAQ&sigh=1bSq9ZI9TLk&label=part2viewed&ad_mt=0&sdkv=h.3.583.1&vci=CkUIAhoLQWRTZW5zZS9BZFggAyoMNjM3NzE2NzM4ODkyQABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gAyoJNTQ0MzY3MTIxMgkxODI2NDM2NzRAsQFSNQjnBxAPJQAAIEEoAToHdW5rbm93bkIHdW5rbm93bkjqAlAAWhBLdThSazVlM2Y3RDNDRkhQWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIyL2SlvS9gAMV0UcdCR3EEg8OEAAYACDa14tXQhMI0tH1lfS9gAMVv-27CB20cgE3;met=1;ecn1=1;etm1=0;eid1=16;
ade.googlesyndication.com/ddm/activity/ Frame 174B 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyL2SlvS9gAMV0UcdCR3EEg8OEAAYACDa14tXQhMI0tH1lfS9gAMVv-27CB20cgE3;met=1;ecn1=1;etm1=0;eid1=16;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 174B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CtB_f3ELKZNLzL7_b7_UPtOWFuAPr0sWTb9jTw8-JEb__uePXAhABIJmjzypglYKAgKwHoAHIx7XyAsgBBagDAcgDE5gEAKoEngJP0K0CzJS52GsX-cJ299NrAi8GiCEHG-zQwXW74mYQ7FaV-VevNb8df_A64rBAP5w_xoyMoxbrGR6bRCOOOJHbF6E-i7uG0g3YG0_N1cf5PhvkTdGL4_dqCxuuk7oJSAZ7LdsltfXLv5HG1SPdixYPpoAINwtfWmacClTp0rR85sLafwgwprqYxFNeCL60aaZvUAGppCqC_JlPobFwWhRO6UPsWSIy1rxhyErAyYVuxlrp9eBByZd9zMb-UL8Mwv72P5CHBlH4wwJbOuoD2MTRsiirPNXUG3Ryk3-UR_gBVUZBszKL42Grtoj23kyNWGXNuoaPGCXl-9_5bGOS5rUOfQUmLM5bErJCGMYYg9N6FQb3q6N85PneWC11Sj82wAS7tLi-3APgBAOQBgGgBk6AB6C4yo0BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAToqzZEdATANgTDIgUAtgUAdAVAfgWAYAXAQ&sigh=1bSq9ZI9TLk&label=admute&ad_mt=0&sdkv=h.3.583.1&vci=CkUIAhoLQWRTZW5zZS9BZFggAyoMNjM3NzE2NzM4ODkyQABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gAyoJNTQ0MzY3MTIxMgkxODI2NDM2NzRAsQFSNQjnBxAPJQAAIEEoAToHdW5rbm93bkIHdW5rbm93bkjqAlAAWhBLdThSazVlM2Y3RDNDRkhQWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 205E 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
187642
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jul 2023 07:42:27 GMT
expires
Tue, 30 Jul 2024 07:42:27 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
st
imprammp.taboola.com/ Frame 8CB4 		422 B
402 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8aAwCLAYA_4MpY_SMXRAA_gdTxugZuygAAABgYID-AAlOBivbaONcK2Ymm1u03I3cCsdwtJZ5Rs6Fa-ZZ-IaLISDByWBlG22ca8XMZHOLlruRW-EYjtYyz8i5cM08C99wMQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDwv3NNqPD57L7AwAAAAAIAAAAABIACOK_JQBicCdP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DuDHLe_BdQAqIFIQWYQQAAAAgW04b48gknaBiUeX__7_fCsAVAICARNsKl6IsuoMSb2EAAAAAxAjBlxCN3PGgj1mgh8XvNzvsGr_bZf7_________zfyf-Ucj1MSVkiZowpVCzS8gAMCaX0AAADbjBgDgjQCckIOBptPhc93rdb_fXfcwmx12jd-uNPtFJyFWi8lkMJksVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QWYwGm5VvtbBMhjPfbOZyzhymkcc0M25GHovNuD3UGckeXi9zj30ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHQYGGxeCaztWxjGLlFg4ltrTAsTG7VyDTxLEa24Wa3WoteH9PF49kYVxsvEgwI2YvkaZFOFBvjYreZGCczw8hmGa1Gtt1isbK4BquNbWGc2CxiieZkkU5kl31nMRpsVr7VwjIZznyzmcs5c5hGHtPMuBl5LDbjvjRYWCyeyWwt2xhGbtFgYlsrDAuTWzUyTTyLkW242a3WotfHdPF4NsbVxt-YLQfL3Ww5HO4bs-VguZsth8N9h8n0TH3ORtct4_j4lItjzKG4OQ0Kl8Hi_UlMi2l3dhCdfEenzzpdFnVGv9_v9_v9fr_f7zdoPQezQeH7Xnbfak4ZO5Z7W8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9ykMVurliM5pLFcC4ZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PXTq7wCoqtctislUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFN6fTAjV4r_ANQIdZqtbrdWKvVClhAq8VoM4EABDYj!&cmcv=&pix=undefined&cb=1690976989735&uv=3312&tms=1690976989735&abt=ll418_vB!nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=820e64c9-1fdf-497d-a184-f3d9a5f3a781&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
41fcd7abe2a8f24a5e8c058cd6b04475172bbe622b4150b22a9861c8917536a5

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 02 Aug 2023 11:49:50 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-cph2320025-CPH
x-timer
S1690976990.764276,VS0,VE437
sync
am-match.taboola.com/ Frame B7C0 		422 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8aAwCLAYA_4MpY_SMXRAA_gdTxugZuygAAABgYID-AAlOBivbaONcK2Ymm1u03I3cCsdwtJZ5Rs6Fa-ZZ-IaLISDByWBlG22ca8XMZHOLlruRW-EYjtYyz8i5cM08C99wMQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDwv3NNqPD57L7AwAAAAAIAAAAABIACOK_JQBicCdP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DuDHLe_BdQAqIFIQWYQQAAAAgW04b48gknaBiUeX__7_fCsAVAICARNsKl6IsuoMSb2EAAAAAxAjBlxCN3PGgj1mgh8XvNzvsGr_bZf7_________zfyf-Ucj1MSVkiZowpVCzS8gAMCaX0AAADbjBgDgjQCckIOBptPhc93rdb_fXfcwmx12jd-uNPtFJyFWi8lkMJksVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QWYwGm5VvtbBMhjPfbOZyzhymkcc0M25GHovNuD3UGckeXi9zj30ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHQYGGxeCaztWxjGLlFg4ltrTAsTG7VyDTxLEa24Wa3WoteH9PF49kYVxsvEgwI2YvkaZFOFBvjYreZGCczw8hmGa1Gtt1isbK4BquNbWGc2CxiieZkkU5kl31nMRpsVr7VwjIZznyzmcs5c5hGHtPMuBl5LDbjvjRYWCyeyWwt2xhGbtFgYlsrDAuTWzUyTTyLkW242a3WotfHdPF4NsbVxt-YLQfL3Ww5HO4bs-VguZsth8N9h8n0TH3ORtct4_j4lItjzKG4OQ0Kl8Hi_UlMi2l3dhCdfEenzzpdFnVGv9_v9_v9fr_f7zdoPQezQeH7Xnbfak4ZO5Z7W8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9ykMVurliM5pLFcC4ZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PXTq7wCoqtctislUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFN6fTAjV4r_ANQIdZqtbrdWKvVClhAq8VoM4EABDYj!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
41fcd7abe2a8f24a5e8c058cd6b04475172bbe622b4150b22a9861c8917536a5

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 02 Aug 2023 11:49:49 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8aAwCLAYA_4MpY_SMXRAA_gdTxugZuygAAABgYID-AAlOBivbaONcK2Ymm1u03I3cCsdwtJZ5Rs6Fa-ZZ-IaLISDByWBlG22ca8XMZHOLlruRW-EYjtYyz8i5cM08C99wMQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDwv3NNqPD57L7AwAAAAAIAAAAABIACOK_JQBicCdP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DuDHLe_BdQAqIFIQWYQQAAAAgW04b48gknaBiUeX__7_fCsAVAICARNsKl6IsuoMSb2EAAAAAxAjBlxCN3PGgj1mgh8XvNzvsGr_bZf7_________zfyf-Ucj1MSVkiZowpVCzS8gAMCaX0AAADbjBgDgjQCckIOBptPhc93rdb_fXfcwmx12jd-uNPtFJyFWi8lkMJksVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QWYwGm5VvtbBMhjPfbOZyzhymkcc0M25GHovNuD3UGckeXi9zj30ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHQYGGxeCaztWxjGLlFg4ltrTAsTG7VyDTxLEa24Wa3WoteH9PF49kYVxsvEgwI2YvkaZFOFBvjYreZGCczw8hmGa1Gtt1isbK4BquNbWGc2CxiieZkkU5kl31nMRpsVr7VwjIZznyzmcs5c5hGHtPMuBl5LDbjvjRYWCyeyWwt2xhGbtFgYlsrDAuTWzUyTTyLkW242a3WotfHdPF4NsbVxt-YLQfL3Ww5HO4bs-VguZsth8N9h8n0TH3ORtct4_j4lItjzKG4OQ0Kl8Hi_UlMi2l3dhCdfEenzzpdFnVGv9_v9_v9fr_f7zdoPQezQeH7Xnbfak4ZO5Z7W8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9ykMVurliM5pLFcC4ZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PXTq7wCoqtctislUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFN6fTAjV4r_ANQIdZqtbrdWKvVClhAq8VoM4EABDYj!&cmcv=&pix=31589837&cb=1690976989735&uv=3312&tms=1690976989735&abt=ll418_vB!nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1690976986616.4!ts:1690976989735&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:49 GMT
content-length
0
server
nginx
YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
pagead2.googlesyndication.com/bg/ Frame 205E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 21:23:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
52004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14704
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Jul 2024 21:23:05 GMT
generic
match.adsrvr.org/track/cmf/ Frame B7C0 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8aAwCLAYA_4MpY_SMXRAA_gdTxugZuygAAABgYID-AAlOBivbaONcK2Ymm1u03I3cCsdwtJZ5Rs6Fa-ZZ-IaLISDByWBlG22ca8XMZHOLlruRW-EYjtYyz8i5cM08C99wMQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDwv3NNqPD57L7AwAAAAAIAAAAABIACOK_JQBicCdP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DuDHLe_BdQAqIFIQWYQQAAAAgW04b48gknaBiUeX__7_fCsAVAICARNsKl6IsuoMSb2EAAAAAxAjBlxCN3PGgj1mgh8XvNzvsGr_bZf7_________zfyf-Ucj1MSVkiZowpVCzS8gAMCaX0AAADbjBgDgjQCckIOBptPhc93rdb_fXfcwmx12jd-uNPtFJyFWi8lkMJksVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QWYwGm5VvtbBMhjPfbOZyzhymkcc0M25GHovNuD3UGckeXi9zj30ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHQYGGxeCaztWxjGLlFg4ltrTAsTG7VyDTxLEa24Wa3WoteH9PF49kYVxsvEgwI2YvkaZFOFBvjYreZGCczw8hmGa1Gtt1isbK4BquNbWGc2CxiieZkkU5kl31nMRpsVr7VwjIZznyzmcs5c5hGHtPMuBl5LDbjvjRYWCyeyWwt2xhGbtFgYlsrDAuTWzUyTTyLkW242a3WotfHdPF4NsbVxt-YLQfL3Ww5HO4bs-VguZsth8N9h8n0TH3ORtct4_j4lItjzKG4OQ0Kl8Hi_UlMi2l3dhCdfEenzzpdFnVGv9_v9_v9fr_f7zdoPQezQeH7Xnbfak4ZO5Z7W8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9ykMVurliM5pLFcC4ZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PXTq7wCoqtctislUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFN6fTAjV4r_ANQIdZqtbrdWKvVClhAq8VoM4EABDYj!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
40abb326-6c0d-40b6-a0ad-5d4b31d68375-tuctbc3c85c
pr-bh.ybp.yahoo.com/sync/taboola/ Frame B7C0 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/40abb326-6c0d-40b6-a0ad-5d4b31d68375-tuctbc3c85c?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8aAwCLAYA_4MpY_SMXRAA_gdTxugZuygAAABgYID-AAlOBivbaONcK2Ymm1u03I3cCsdwtJZ5Rs6Fa-ZZ-IaLISDByWBlG22ca8XMZHOLlruRW-EYjtYyz8i5cM08C99wMQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDwv3NNqPD57L7AwAAAAAIAAAAABIACOK_JQBicCdP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DuDHLe_BdQAqIFIQWYQQAAAAgW04b48gknaBiUeX__7_fCsAVAICARNsKl6IsuoMSb2EAAAAAxAjBlxCN3PGgj1mgh8XvNzvsGr_bZf7_________zfyf-Ucj1MSVkiZowpVCzS8gAMCaX0AAADbjBgDgjQCckIOBptPhc93rdb_fXfcwmx12jd-uNPtFJyFWi8lkMJksVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QWYwGm5VvtbBMhjPfbOZyzhymkcc0M25GHovNuD3UGckeXi9zj30ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHQYGGxeCaztWxjGLlFg4ltrTAsTG7VyDTxLEa24Wa3WoteH9PF49kYVxsvEgwI2YvkaZFOFBvjYreZGCczw8hmGa1Gtt1isbK4BquNbWGc2CxiieZkkU5kl31nMRpsVr7VwjIZznyzmcs5c5hGHtPMuBl5LDbjvjRYWCyeyWwt2xhGbtFgYlsrDAuTWzUyTTyLkW242a3WotfHdPF4NsbVxt-YLQfL3Ww5HO4bs-VguZsth8N9h8n0TH3ORtct4_j4lItjzKG4OQ0Kl8Hi_UlMi2l3dhCdfEenzzpdFnVGv9_v9_v9fr_f7zdoPQezQeH7Xnbfak4ZO5Z7W8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9ykMVurliM5pLFcC4ZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PXTq7wCoqtctislUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFN6fTAjV4r_ANQIdZqtbrdWKvVClhAq8VoM4EABDYj!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:cb40:4a86:732c:5dc5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame B7C0 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8aAwCLAYA_4MpY_SMXRAA_gdTxugZuygAAABgYID-AAlOBivbaONcK2Ymm1u03I3cCsdwtJZ5Rs6Fa-ZZ-IaLISDByWBlG22ca8XMZHOLlruRW-EYjtYyz8i5cM08C99wMQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDwv3NNqPD57L7AwAAAAAIAAAAABIACOK_JQBicCdP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DuDHLe_BdQAqIFIQWYQQAAAAgW04b48gknaBiUeX__7_fCsAVAICARNsKl6IsuoMSb2EAAAAAxAjBlxCN3PGgj1mgh8XvNzvsGr_bZf7_________zfyf-Ucj1MSVkiZowpVCzS8gAMCaX0AAADbjBgDgjQCckIOBptPhc93rdb_fXfcwmx12jd-uNPtFJyFWi8lkMJksVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QWYwGm5VvtbBMhjPfbOZyzhymkcc0M25GHovNuD3UGckeXi9zj30ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHQYGGxeCaztWxjGLlFg4ltrTAsTG7VyDTxLEa24Wa3WoteH9PF49kYVxsvEgwI2YvkaZFOFBvjYreZGCczw8hmGa1Gtt1isbK4BquNbWGc2CxiieZkkU5kl31nMRpsVr7VwjIZznyzmcs5c5hGHtPMuBl5LDbjvjRYWCyeyWwt2xhGbtFgYlsrDAuTWzUyTTyLkW242a3WotfHdPF4NsbVxt-YLQfL3Ww5HO4bs-VguZsth8N9h8n0TH3ORtct4_j4lItjzKG4OQ0Kl8Hi_UlMi2l3dhCdfEenzzpdFnVGv9_v9_v9fr_f7zdoPQezQeH7Xnbfak4ZO5Z7W8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9ykMVurliM5pLFcC4ZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PXTq7wCoqtctislUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFN6fTAjV4r_ANQIdZqtbrdWKvVClhAq8VoM4EABDYj!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.113.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-113-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 205E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.583.1&bgai=BQgq33ULKZIjbD9GP9fgPxKW8cAAAAAA4AeAEAg&bg=!gYKlgtbNAAZGOVy5Zjk7ADkAdvg8Wp7COL_O3DvnNR3uMWOE406QFWixCHL8RM2PsYDSDaYefHwGpC7EU156VGZrLBb_TlNiC40CAAAAXlIAAAAEaAEHmQLjkyMGDAj3sxu__y-g-jM1eOvFWP6mkjnmf45t6YsYy2W_B1w8s6vJJ5C8zMRCYa6HaLKZMgbTLylH7dnmZW_U8o4fFjx1-lqkykKC_BPhUy5KXC1DfLEMK4NHGtq7LwVP4DxmQGb58O42KD20JqKHsMk_uDaLk3JU3RCrE6EpYH6iQ4ihKIGWLD4A-HgJzzANn_t0Yl5hb4vCXtTEOqm32mT0gAqHV2aVyEnpyH_k-cUYcGyPaEO1a-V4od0jnN5POgn6b8igNBPYZkAiXdirNNpAw_WWRKuRlymKK-U_rOQqOqOdUm2gmIVPnod9R7YfsaolapOWdcJbQoctDvbxDop77fsCHKvvaG1XDppMq2-ns_EztcIlLvFnU7OjGX3Bf3798ne8Pb7XHJs4gZGQa98vgobhVSylTHswqfu27d4o7N7HTSscGOADoJw8HqjM-6T3QX_popsLqHrEEs4x_YE5PPk7DJ_CnHQzGsfax6UXYZbcv9UGLf6--Unnuqp03MCGGhPfsh7AVpDptp9N95mS1VCoU1Ps2bCIAEXlXPvAdq7VGS-nab2RvcC9LXgpmhZQBRxSwJ5sYeALRcC69zKDEzhw7H366AgoYR5lKh9c-VfpZuw6MJZ2bh0dRHzNIAV5SdK_TqRlo0eIKHj4glfe2BTMgfCWIIf-zEQFQxJBSya-VJL2hAqoOmISFe1zeGFhNIv7OWvL5uSTrYn10iHOJUekGh7rfI-Vv7RHtYEvtUaAjSIrsMfZsArnid57j_AXAG_vfO3IQrja7P_EVOeZFlbJGpDoYVGCQAMyAPvfAe9pc5S7nV9dOMvTMLkyIY7lj8vKpN7CxGk2xSnT5nEmjXLXXTLdyZmWXd9AieRKNUtLGd7x9pJX6KgNn8M0ORL48Ai_OWa3RZ6pKs9_ExbBpmC32S5ihuNXx_3fOlxmHiclwGoAyL4_MZ0cBOENyUMDzjolea6VCpAWPD-Bbp5PYQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=144338807&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=ForcedPlay&el=Google&_u=aHDAAEABEAAAACAUI~&jid=&gjid=&cid=2119126147.1690976987&tid=UA-4780630-1&_gid=1300387108.1690976987&gtm=45He37v0n71T728TH&cd1=2119126147.1690976987&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd122=GTM%20video%20event%20To%20GA&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd45=Google&cd47=Live&cd49=&cd50=Live&cd72=true&cm9=1&z=1919539896
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 19:48:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57660
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
container.html
1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B0ED 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 11:49:48 GMT
expires
Thu, 01 Aug 2024 11:49:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7622 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 11:49:48 GMT
expires
Thu, 01 Aug 2024 11:49:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame D827 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnk9yCEwpEfZe7F_F_8mLuxoDFuq-XlU6HKpcufNWRKaQ3V4OhRPZb7icIPcH0iHCT2so_9Ox6uwqvZJP11GQ8StRT--laH2UFGxeo5FmrtPUcCt_H2lX5cTvdHei7JppD0gXzPHIdXcSclROdOSRTa6ntya9MFFTH8N-TwjDlRx6g0RZZQ9q-RPy1QhTOMvMZfGywuDogDhQsqE3X3lF0VK2yec-6F0pVizKH_Hbjb0mz9yOnNTY-suDdeTDizq59JQ81QpFQA20UQ2eNhtvKOg8kKfORAKsuV1A8QA0OO5cUptF6h4B5t0qFB3MzoDGz0ml9HgEasGkXL0uMEhoWnkCAEXq0r8PbOSW7ebXJ&sai=AMfl-YSY7sAjfqXCnBfTb5lkYgYEb72EsqRRb_-HxlqrfSuMJgqANzRDM_ThMYgHlh5o2RRY5NfwxsqjfiuaYCfy9_6eohLizjjmr18ai2ocNjlxvxCel0ChRo9vmAViPAw&sig=Cg0ArKJSzA1Po1caiaw2EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame D827 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 06:48:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18084
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 06:48:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D827 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Aug 2023 11:49:50 GMT
4404360090008543822
tpc.googlesyndication.com/simgad/ Frame D827 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4404360090008543822
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
026a089688456c68238f86bbf1abbbe0d80a547711220a147b529dbc91d2a730
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 06:13:44 GMT
x-content-type-options
nosniff
age
365766
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39120
x-xss-protection
0
last-modified
Sun, 09 Jul 2023 12:24:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Jul 2024 06:13:44 GMT
l
www.google.com/ads/measurement/ Frame D827 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzyEnSNf0i0Ykp_S-EsvPK9ijzwfGsXrrVPUzkPHuuGn9ojTjRiNDBSCcjRDR6Vb34bs86YdYBgxF99qBJTf-tWIsapg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
container.html
1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5544 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 11:49:48 GMT
expires
Thu, 01 Aug 2024 11:49:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 12E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWRB-G0yPPFvclbyXN32C9MmEKs3XQnsoEl8bvcyKs-5udPdj1U8Wp-px75xCr_rn3mUF0xkGXzwQZZBRH958sffb-qaFFfMU24Hb4c_MgVThxeqaPcrtul55aUo5WqBWEyh1DAjCmWiLUSO-3WtmhXnAmVaajAS4KJw00ylLUhS8vzYQPWxvlMRC7UGGTIZyhB4CF1RcS1GCKiU4qb8X89xvy2PRni41gynHFMvVBP3YV1Ez3O8KHjHmBA9JY49sf772HcqB0-8Qdq-VWMWUp9jHKDj10__Asdk3-Ft4vNKuUUAVMqJruIJQJDrjVVt840Euu0tuTSd_LO6q-FUIe0pLS-q7lOa2AnSZBZw&sai=AMfl-YSPaQxQ86B5BL2OypmCHFOY-tsh5j8PQyC8pJENPq1xCFbV7uoFuDQU7wBL0shkRYwa9J-NwFVFOenQdrixDR5ms0r39BYWJrSjmNc8hGgFY-gV8cYh1LCvN8de8AY&sig=Cg0ArKJSzNFZtZ-2EWwVEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame 12E2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 06:48:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18084
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 06:48:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 12E2 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Aug 2023 11:49:50 GMT
13210602460672685764
tpc.googlesyndication.com/simgad/ Frame 12E2 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13210602460672685764
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5c00549ffea334564e92da54007efda3b15638bd64babde024b439891e1165b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 07:23:08 GMT
x-content-type-options
nosniff
age
102402
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50175
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 07:21:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 31 Jul 2024 07:23:08 GMT
l
www.google.com/ads/measurement/ Frame 12E2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7VeMd0irAh2Vpi2PjLVu5kxpcS4TrmzxXKtD-sCRHQ49svFBWRix6uOect1z6NIQ2TfEaTityKZKmJI4l7XwdrmU96g
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
truncated
/ Frame D827 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f7d8517a9252b589b6d574954c9c7a74539894b8a87b9e31e4d2e0cb8d4dfa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 12E2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de6cd2ebe2b44ff08a6c8b7c126c46911b5b52400247fdeffc8814ab21669343

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame F5E3 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYn_iJ6gEwAQ&v=APEucNU-OEStg66X8nyeOAWy8tH_WZLtlbbCpV-2K333LmPwsrqLPtbJTeDq1FztpRe-UfJzuWBJtBKJP2AF6b15WQpOg0o1NvRBIwntcwpw2SjQpldKV9wNGAJGorm_3uwcCsdjCpgIn8bKlw_f6i6tGDWRgyqGYxiYdq2vf8dl6n1oktvzrEY
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 11:49:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B0ED 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 02 Aug 2023 11:49:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B0ED 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cx9AltvRXbFfG6jAH2oQbYSe2uTa83wECzaia5rZwwEpKlPIaj8kybceI8JQBVfQCz6m-AnVqOsvoL4e3dnLT7Yy4QRnJGvXHzOd77_z5wSeV3wb8
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B0ED 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7694688194193671696&x=1&ct=76
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame B0ED 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 06:48:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18084
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 06:48:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame B0ED 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
701511a8f659a2d9900ee663be0d19caa776005208107690d1f43ce6d8bd870e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:57:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
64326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
9725510470914717636
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 15 Aug 2023 17:57:44 GMT
l
www.google.com/ads/measurement/ Frame B0ED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSO3NcMBYsTADlWCkQ-eguKlJYqq2yZXRUofy_H-6IcqANsn83qZWNjTage0xYnOiUuB7TALY5ONGhUrIZ5GgsYLyDW0g
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B0ED 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Aug 2023 11:49:50 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame ED94 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNUWAOxz2ye827coPQLSzwVC5jUgYfdpwveI37t5c5SR1rumfbM-MEZNIOUNNp-KzoRm5hrUWPpA2EgJl2II1KQ5jFuNhSk4FklsYrcOIjJB87kOt-o_5L2ZqdjzcSW_sUoI1Jpm4cRX1H77X2DvA8Fek8KqR9SMQZujIfJRoUTwYbW0B0U
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 11:49:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 7622 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 02 Aug 2023 11:49:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7622 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BG35MRVoRTu2loXAyQnI4o0-maDBWEBVTV6AIgB44_f9vFLMT7ScP9g3iyqRMRFDsBEFEfwTooyUcxbEwi70r356944LdThAoFLKH1Kb2cz6W0hCw
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7622 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18274985154457165761&x=1&ct=76
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame 7622 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 06:48:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18084
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 06:48:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame 7622 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
701511a8f659a2d9900ee663be0d19caa776005208107690d1f43ce6d8bd870e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:57:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
64326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
9725510470914717636
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 15 Aug 2023 17:57:44 GMT
l
www.google.com/ads/measurement/ Frame 7622 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRaASWy32dIZm9reWLOqcw-gUkgDok091wM-NgJDn5l9HNXwygbFK4ivqJ2TzH6KXwbIIrudy94Rs2rU4VaNV1qE1W9rA
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7622 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Aug 2023 11:49:50 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 83A4 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5er4xgEwAQ&v=APEucNXJaaEhoKRLOFWNYxKSA7o_3qcwL_XAJE9M3Vb9WxcSV-YVaX4rip2TkzCr2bFBwu4wIYrnqLyBU3gov5tqlJHcGpZpqqDy8j1NQ4umuLO1cUFUFaCNfeMSG-1dktEsUbNj-dqsmrm09EV2fT8_WYXt17A-WzvtkELChSplrPR1BDtOkHs
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 11:49:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5544 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 02 Aug 2023 11:49:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5544 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B5bOHuj1IPxM0CI8m1hHzQMgI_7i57SwtJuSt1aI71VW_jaBv4rlseKK1QJmQWSTIO39JH8YB1qamNxbeo_3dzytgV4TX_ZF9abeQcAGWUFcvOlnI
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5544 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7756739584864327148&x=1&ct=76
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame 5544 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 06:48:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18084
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 06:48:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/ Frame 5544 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230731/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
701511a8f659a2d9900ee663be0d19caa776005208107690d1f43ce6d8bd870e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:57:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
64326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
9725510470914717636
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 15 Aug 2023 17:57:44 GMT
l
www.google.com/ads/measurement/ Frame 5544 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQzM3c4Z-FkODEclTKvoHdjvOzOKUErpJVGno1sCad3Nxsi-EFewbQF6H6PmDShChNFLcr9bjWCStplnzSsjqI0QEGxkQ
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5544 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Aug 2023 11:49:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D827 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1XcIWdMPT0Gb9X8yx10mBMgFN9Pc41fG0D24adH2kuTw7QQUk0Beo8HB2pzYLfCbhvQIADe_iYrOkeidoEAA87sMF27ZC0VkYb_kzW7XLOG4hPVmALXzSDIv9ayP-MMEmTjoZ2sNS0yRz_CoNb17UAvND7q1EU6GfupT9DbS9sJFnK01cuKx_FPpfjxnLovF_69BozicIRpKJebFUa7b4hEuFU0rYoM0nFEPuuO9o0fwMy-83ujFFGtMDjIP0I3TUHAevVOh8mb4yF3EZ8BFTQVMWnzvy9vLEj6GRaA0aWlrua95CtMATATUSI7kUYYTfdYQ3qH9ieMk8BQtAHC0v-KYNx1rjqfUyC142zNcrafU&sai=AMfl-YRhB2NS6C99CKz9VttAHgvZB_98psu5nQQlv-LOPFIbyPykWtZTXOIp479iU-S6wSBuuWFoOWnn-5FEvArsfqunwQwBLi9tvdyfIj5Dlkb8NivL2otHFPnzD1aapt4&sig=Cg0ArKJSzMPdSNXZSJPrEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 02 Aug 2023 11:49:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 12E2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJ7EnCxgC3WAjVCJyzygtnWAhMEEn0U1qmMxudF_N8HzX33EZRBG3rOH8dgOlFEvGKS_IAwT2FderRu-jDwcbNf5FSEHZJta5rD4qNPtTMRzW6dF1tO15yxwwSkvP8-up0FO5bH4Xwd7gq845JLjHUGC1tIO3GZcs-nYZOzGdhet7Ev6mt4n1wo8005Y6SOtGyi0W7jtj3fjfJK1rqTu1HvVM3y2MsWnLdM4zXNEgZ-NJ10kePz9CRNRqn9wi4y2JWqJa-paxZW1Xw44NNW460m4Kw12j0OvtAOQMjXCdBqOGDIepczH6awmWQYTzQQhQwbevUsFl40BB-s61Ch0OQ9eIJ17J0EQkEcmaJHgnp&sai=AMfl-YRobGgeYJRx0dfR0Hmh9K82_dffSxUC5ukFxdRKJ04Tmsm_AmydO9pj-FVfd2ecrB6oUPSMVKNolkqt5tSOKc2_lweM447xSCsk3gWpySqMAqfdXGc-yAMztuzsw54&sig=Cg0ArKJSzBG0kI_yth4fEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 02 Aug 2023 11:49:50 GMT
rum
dsum-sec.casalemedia.com/ Frame F5E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOsM_sjSmAq6i9oi3MNB5iM&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOsM_sjSmAq6i9oi3MNB5iM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYn_iJ6gEwAQ&v=APEucNU-OEStg66X8nyeOAWy8tH_WZLtlbbCpV-2K333LmPwsrqLPtbJTeDq1FztpRe-UfJzuWBJtBKJP2AF6b15WQpOg0o1NvRBIwntcwpw2SjQpldKV9wNGAJGorm_3uwcCsdjCpgIn8bKlw_f6i6tGDWRgyqGYxiYdq2vf8dl6n1oktvzrEY
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Aug 2023 11:49:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOsM_sjSmAq6i9oi3MNB5iM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F5E3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMpC3hY46L.Ts4Y28pudWQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOsM_sjSmAq6i9oi3MNB5iM&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOsM_sjSmAq6i9oi3MNB5iM&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYn_iJ6gEwAQ&v=APEucNU-OEStg66X8nyeOAWy8tH_WZLtlbbCpV-2K333LmPwsrqLPtbJTeDq1FztpRe-UfJzuWBJtBKJP2AF6b15WQpOg0o1NvRBIwntcwpw2SjQpldKV9wNGAJGorm_3uwcCsdjCpgIn8bKlw_f6i6tGDWRgyqGYxiYdq2vf8dl6n1oktvzrEY
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Aug 2023 11:49:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOsM_sjSmAq6i9oi3MNB5iM&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F5E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAT_7VjrR6-LzRwaIwGN3mM&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAT_7VjrR6-LzRwaIwGN3mM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYn_iJ6gEwAQ&v=APEucNU-OEStg66X8nyeOAWy8tH_WZLtlbbCpV-2K333LmPwsrqLPtbJTeDq1FztpRe-UfJzuWBJtBKJP2AF6b15WQpOg0o1NvRBIwntcwpw2SjQpldKV9wNGAJGorm_3uwcCsdjCpgIn8bKlw_f6i6tGDWRgyqGYxiYdq2vf8dl6n1oktvzrEY
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
an-x-request-uuid
7cdaabda-c8ca-4d9f-80d5-6b1fbf85d672
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.24; 217.114.218.24; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAT_7VjrR6-LzRwaIwGN3mM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F5E3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNDcxNzM1Mjk3MDkwOTkwNQ%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNDcxNzM1Mjk3MDkwOTkwNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLO_UBCb3VAYn_iJ6gEwAQ&v=APEucNU-OEStg66X8nyeOAWy8tH_WZLtlbbCpV-2K333LmPwsrqLPtbJTeDq1FztpRe-UfJzuWBJtBKJP2AF6b15WQpOg0o1NvRBIwntcwpw2SjQpldKV9wNGAJGorm_3uwcCsdjCpgIn8bKlw_f6i6tGDWRgyqGYxiYdq2vf8dl6n1oktvzrEY
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
an-x-request-uuid
fbae55cb-7c79-4761-b9af-141cb652c765
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNDcxNzM1Mjk3MDkwOTkwNQ%3D%3D
x-proxy-origin
217.114.218.24; 217.114.218.24; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame ED94
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOsM_sjSmAq6i9oi3MNB5iM&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOsM_sjSmAq6i9oi3MNB5iM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNUWAOxz2ye827coPQLSzwVC5jUgYfdpwveI37t5c5SR1rumfbM-MEZNIOUNNp-KzoRm5hrUWPpA2EgJl2II1KQ5jFuNhSk4FklsYrcOIjJB87kOt-o_5L2ZqdjzcSW_sUoI1Jpm4cRX1H77X2DvA8Fek8KqR9SMQZujIfJRoUTwYbW0B0U
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Aug 2023 11:49:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOsM_sjSmAq6i9oi3MNB5iM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame ED94
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMpC3hY46L.Ts4Y28pudWQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOsM_sjSmAq6i9oi3MNB5iM&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOsM_sjSmAq6i9oi3MNB5iM&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNUWAOxz2ye827coPQLSzwVC5jUgYfdpwveI37t5c5SR1rumfbM-MEZNIOUNNp-KzoRm5hrUWPpA2EgJl2II1KQ5jFuNhSk4FklsYrcOIjJB87kOt-o_5L2ZqdjzcSW_sUoI1Jpm4cRX1H77X2DvA8Fek8KqR9SMQZujIfJRoUTwYbW0B0U
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Aug 2023 11:49:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOsM_sjSmAq6i9oi3MNB5iM&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame ED94
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAT_7VjrR6-LzRwaIwGN3mM&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAT_7VjrR6-LzRwaIwGN3mM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNUWAOxz2ye827coPQLSzwVC5jUgYfdpwveI37t5c5SR1rumfbM-MEZNIOUNNp-KzoRm5hrUWPpA2EgJl2II1KQ5jFuNhSk4FklsYrcOIjJB87kOt-o_5L2ZqdjzcSW_sUoI1Jpm4cRX1H77X2DvA8Fek8KqR9SMQZujIfJRoUTwYbW0B0U
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
an-x-request-uuid
99bad897-45cd-4d80-8e0d-8a83fc02409d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.24; 217.114.218.24; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAT_7VjrR6-LzRwaIwGN3mM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ED94
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNDcxNzM1Mjk3MDkwOTkwNQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNDcxNzM1Mjk3MDkwOTkwNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNUWAOxz2ye827coPQLSzwVC5jUgYfdpwveI37t5c5SR1rumfbM-MEZNIOUNNp-KzoRm5hrUWPpA2EgJl2II1KQ5jFuNhSk4FklsYrcOIjJB87kOt-o_5L2ZqdjzcSW_sUoI1Jpm4cRX1H77X2DvA8Fek8KqR9SMQZujIfJRoUTwYbW0B0U
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
an-x-request-uuid
fcf3bd0e-1a1a-4047-8192-7ab5e580a6a0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNDcxNzM1Mjk3MDkwOTkwNQ%3D%3D
x-proxy-origin
217.114.218.24; 217.114.218.24; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 83A4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENX6zVsd3Id1MCuW0SAhp2k&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENX6zVsd3Id1MCuW0SAhp2k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5er4xgEwAQ&v=APEucNXJaaEhoKRLOFWNYxKSA7o_3qcwL_XAJE9M3Vb9WxcSV-YVaX4rip2TkzCr2bFBwu4wIYrnqLyBU3gov5tqlJHcGpZpqqDy8j1NQ4umuLO1cUFUFaCNfeMSG-1dktEsUbNj-dqsmrm09EV2fT8_WYXt17A-WzvtkELChSplrPR1BDtOkHs
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENX6zVsd3Id1MCuW0SAhp2k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 83A4 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5er4xgEwAQ&v=APEucNXJaaEhoKRLOFWNYxKSA7o_3qcwL_XAJE9M3Vb9WxcSV-YVaX4rip2TkzCr2bFBwu4wIYrnqLyBU3gov5tqlJHcGpZpqqDy8j1NQ4umuLO1cUFUFaCNfeMSG-1dktEsUbNj-dqsmrm09EV2fT8_WYXt17A-WzvtkELChSplrPR1BDtOkHs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 83A4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEBqPQCmqa3vEQksvDOlVtLU&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBqPQCmqa3vEQksvDOlVtLU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5er4xgEwAQ&v=APEucNXJaaEhoKRLOFWNYxKSA7o_3qcwL_XAJE9M3Vb9WxcSV-YVaX4rip2TkzCr2bFBwu4wIYrnqLyBU3gov5tqlJHcGpZpqqDy8j1NQ4umuLO1cUFUFaCNfeMSG-1dktEsUbNj-dqsmrm09EV2fT8_WYXt17A-WzvtkELChSplrPR1BDtOkHs
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Wed, 02 Aug 2023 11:49:50 GMT
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEBqPQCmqa3vEQksvDOlVtLU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 83A4 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY5er4xgEwAQ&v=APEucNXJaaEhoKRLOFWNYxKSA7o_3qcwL_XAJE9M3Vb9WxcSV-YVaX4rip2TkzCr2bFBwu4wIYrnqLyBU3gov5tqlJHcGpZpqqDy8j1NQ4umuLO1cUFUFaCNfeMSG-1dktEsUbNj-dqsmrm09EV2fT8_WYXt17A-WzvtkELChSplrPR1BDtOkHs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

expires
Wed, 02 Aug 2023 11:49:50 GMT
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 8CB4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8aAwCLAYA_4MpY_SMXRAA_gdTxugZuygAAABgYID-AAlOBivbaONcK2Ymm1u03I3cCsdwtJZ5Rs6Fa-ZZ-IaLISDByWBlG22ca8XMZHOLlruRW-EYjtYyz8i5cM08C99wMQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDwv3NNqPD57L7AwAAAAAIAAAAABIACOK_JQBicCdP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DuDHLe_BdQAqIFIQWYQQAAAAgW04b48gknaBiUeX__7_fCsAVAICARNsKl6IsuoMSb2EAAAAAxAjBlxCN3PGgj1mgh8XvNzvsGr_bZf7_________zfyf-Ucj1MSVkiZowpVCzS8gAMCaX0AAADbjBgDgjQCckIOBptPhc93rdb_fXfcwmx12jd-uNPtFJyFWi8lkMJksVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QWYwGm5VvtbBMhjPfbOZyzhymkcc0M25GHovNuD3UGckeXi9zj30ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHQYGGxeCaztWxjGLlFg4ltrTAsTG7VyDTxLEa24Wa3WoteH9PF49kYVxsvEgwI2YvkaZFOFBvjYreZGCczw8hmGa1Gtt1isbK4BquNbWGc2CxiieZkkU5kl31nMRpsVr7VwjIZznyzmcs5c5hGHtPMuBl5LDbjvjRYWCyeyWwt2xhGbtFgYlsrDAuTWzUyTTyLkW242a3WotfHdPF4NsbVxt-YLQfL3Ww5HO4bs-VguZsth8N9h8n0TH3ORtct4_j4lItjzKG4OQ0Kl8Hi_UlMi2l3dhCdfEenzzpdFnVGv9_v9_v9fr_f7zdoPQezQeH7Xnbfak4ZO5Z7W8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9ykMVurliM5pLFcC4ZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PXTq7wCoqtctislUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFN6fTAjV4r_ANQIdZqtbrdWKvVClhAq8VoM4EABDYj!&cmcv=&pix=undefined&cb=1690976989735&uv=3312&tms=1690976989735&abt=ll418_vB!nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=820e64c9-1fdf-497d-a184-f3d9a5f3a781&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
40abb326-6c0d-40b6-a0ad-5d4b31d68375-tuctbc3c85c
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 8CB4 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/40abb326-6c0d-40b6-a0ad-5d4b31d68375-tuctbc3c85c?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8aAwCLAYA_4MpY_SMXRAA_gdTxugZuygAAABgYID-AAlOBivbaONcK2Ymm1u03I3cCsdwtJZ5Rs6Fa-ZZ-IaLISDByWBlG22ca8XMZHOLlruRW-EYjtYyz8i5cM08C99wMQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDwv3NNqPD57L7AwAAAAAIAAAAABIACOK_JQBicCdP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DuDHLe_BdQAqIFIQWYQQAAAAgW04b48gknaBiUeX__7_fCsAVAICARNsKl6IsuoMSb2EAAAAAxAjBlxCN3PGgj1mgh8XvNzvsGr_bZf7_________zfyf-Ucj1MSVkiZowpVCzS8gAMCaX0AAADbjBgDgjQCckIOBptPhc93rdb_fXfcwmx12jd-uNPtFJyFWi8lkMJksVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QWYwGm5VvtbBMhjPfbOZyzhymkcc0M25GHovNuD3UGckeXi9zj30ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHQYGGxeCaztWxjGLlFg4ltrTAsTG7VyDTxLEa24Wa3WoteH9PF49kYVxsvEgwI2YvkaZFOFBvjYreZGCczw8hmGa1Gtt1isbK4BquNbWGc2CxiieZkkU5kl31nMRpsVr7VwjIZznyzmcs5c5hGHtPMuBl5LDbjvjRYWCyeyWwt2xhGbtFgYlsrDAuTWzUyTTyLkW242a3WotfHdPF4NsbVxt-YLQfL3Ww5HO4bs-VguZsth8N9h8n0TH3ORtct4_j4lItjzKG4OQ0Kl8Hi_UlMi2l3dhCdfEenzzpdFnVGv9_v9_v9fr_f7zdoPQezQeH7Xnbfak4ZO5Z7W8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9ykMVurliM5pLFcC4ZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PXTq7wCoqtctislUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFN6fTAjV4r_ANQIdZqtbrdWKvVClhAq8VoM4EABDYj!&cmcv=&pix=undefined&cb=1690976989735&uv=3312&tms=1690976989735&abt=ll418_vB!nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=820e64c9-1fdf-497d-a184-f3d9a5f3a781&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:cb40:4a86:732c:5dc5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 8CB4 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8aAwCLAYA_4MpY_SMXRAA_gdTxugZuygAAABgYID-AAlOBivbaONcK2Ymm1u03I3cCsdwtJZ5Rs6Fa-ZZ-IaLISDByWBlG22ca8XMZHOLlruRW-EYjtYyz8i5cM08C99wMQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDwv3NNqPD57L7AwAAAAAIAAAAABIACOK_JQBicCdP_P_________HGKDPvJHx____f8OgB8CDD4AHIQAAAB9DuDHLe_BdQAqIFIQWYQQAAAAgW04b48gknaBiUeX__7_fCsAVAICARNsKl6IsuoMSb2EAAAAAxAjBlxCN3PGgj1mgh8XvNzvsGr_bZf7_________zfyf-Ucj1MSVkiZowpVCzS8gAMCaX0AAADbjBgDgjQCckIOBptPhc93rdb_fXfcwmx12jd-uNPtFJyFWi8lkMJksVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QWYwGm5VvtbBMhjPfbOZyzhymkcc0M25GHovNuD3UGckeXi9zj30ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHQYGGxeCaztWxjGLlFg4ltrTAsTG7VyDTxLEa24Wa3WoteH9PF49kYVxsvEgwI2YvkaZFOFBvjYreZGCczw8hmGa1Gtt1isbK4BquNbWGc2CxiieZkkU5kl31nMRpsVr7VwjIZznyzmcs5c5hGHtPMuBl5LDbjvjRYWCyeyWwt2xhGbtFgYlsrDAuTWzUyTTyLkW242a3WotfHdPF4NsbVxt-YLQfL3Ww5HO4bs-VguZsth8N9h8n0TH3ORtct4_j4lItjzKG4OQ0Kl8Hi_UlMi2l3dhCdfEenzzpdFnVGv9_v9_v9fr_f7zdoPQezQeH7Xnbfak4ZO5Z7W8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9ykMVurliM5pLFcC4ZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PXTq7wCoqtctislUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFN6fTAjV4r_ANQIdZqtbrdWKvVClhAq8VoM4EABDYj!&cmcv=&pix=undefined&cb=1690976989735&uv=3312&tms=1690976989735&abt=ll418_vB!nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=820e64c9-1fdf-497d-a184-f3d9a5f3a781&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.113.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-113-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame B0ED 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8086517330724&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B0ED 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8086517330724&version=m202307240101&ct=76&x=1&cor=7694688194193672000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B0ED 		88 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUnDTKX4uBtVe93kiHs_h04YD9-3VJ1XGekTTplanPO1bx-r-QLHKq4r726_GHH--S1oG6UYpdaJ-79VrVkcD4DAJAiw&cry=1&dbm_d=AKAmf-CjNHZ52hJ90ZHtrWJiD965l2Esmowj5O-ez6odp5AATgkuY_a--oAPuYaTnknZjh4Yu44a5Y9A0-3y2pl1F2OOFZFbkUFh0wWwJrKmr9Tg071F48DLwmq5HQyRrOHbOlgY67LmuU3lFZmLpglXYXKH3ydmRkYqXEy1yHNaRgB34OtTk2JHyzuzuiemFJ6frmjog1BOz3PHkCAiHX-NomUrkD3HdOxHStCp5MXY-qssuEknnSwUoKhI0V5xQumTyi9c4MiJsx4RepXImjpfU3zDcY9bOeQz7MpKXNB7PysG-hNjnWVh17Jgqq95yq2CzF-5JHYJdqILWqXZ3dsU_IKjv0nm4Nru-S_PZoMTQ--YREbYDoWfuuyCGp_SepIh6ELLP7yzTbXI6nUXZukYO0n4zjesSzc5MqpWkFgYLYAzo-FMd49GylHB1Qgwuj5bSXgoFnp7fZZjEntBo2EQHekIhMPpcTzYNxhki-5xqn0b86XkWHLW03Fw0ZIzjQXclKgOxQKvewG6ncfWdkFX-0JotPXZXjzID-XPbPhZcJ00etOon5e__KvJPJi3zOCy0ShnCoAue1rhwNl-ZhFx0TcXBn-FaRwuxr4MnzWMrbGCCAnTlS_d1shyqxIYlGs_g-UbuwGMSKmsB7vwV9Ycc33Ez6gr-U_yKobbVF_3Ylt-XbFdQes5hepjv_52XE2Ks1RJctVH7faGc7RAlXKONYJXT5Op09qpqtW14E2YvxRsirxDqwBV6UsfZ0HBgbod-AvW5Uf0jbcBFaL8qqAkT1544NgxnXr8Anihp1zMx4NfFn7ThVi0ScWQGpO2ZdCIt-VsuOtb9A8hjxs7sga5L2tDNPzv4SU8_nP-c24MkYUMZAM7eh0ZupJO2D5GA6sfzkcjoe3InuM8Dxo9_iUW9RiN7ZiHBPEbR3j9QpNATdim0nuZead1w2oZDuyGMm-_owWIBHblzZfY9Gne1N7v4ybCR920nl6cf2Tte8MxamnM3A7SwXNaSFo566gNjbA4vYsjq9lF9GQUbjtKjQxW8cCuV8hM-JlEMhW4xumYDCi4duwq4Fw46DYJO4GiMDKoFIza9qlMDWez7zu7uDWrSykiPqN7EBF_nbwZw4Rh4F6uNlx_0qdAPe7aPvZwMTWOYoW-aCPbYKIH3zITgPEYc0BFkPNT_EeCjE__J3X5SNPgTxzBvykoxmHB8FxLGCFWyNVfUy3FtCWZf2mHPxmtuzEh52dA1zxzYYdGGiz2X4fUSYjn2PTvFozyy5EL2qy1tsoK7FFJl0fUc1ql9_OASXwDs2W4RfgSBwk1eU0_ySHS3OY2IB9C9jN7SLbHG3uJtHAAYkN943ysGf9qL0es5aQrAInzLIl-cJFZovBRV82slmAxpt4X9IXwrKczQrdT2tme-xFErn7AVpAHHIHVTUUIrHfGFI17wMNQ54B2se4QXxQxsQHFryhyeCe7LQ2V02hZO8fLUmrdoOOaLiLMUgflYWkOoNnJF60nXNBkriTkD-0z12MxvRLfjNN8hTO_WowhlXjJR-7Ffj6rfAiHuKEjueAEuP0Fak7a7KiD7ZB7_Mi0kGOS2iFKVaQRR93ZpkBNzvx8srrvLwqKi_cZ-rxTh1fwdlSsmilhVYgMUXxrvpif-ZMwdTE8Xvh8YHym_7c1gPj7P-9zFrydWIfNAYNi6Xo_235E9gnqWnUHnYm0kJdiLHWfv5uCWDqKjNueRBAuhq0YrQhXHPVl_HwlmdQvtBvMExsyim9CtykcVqtsWSYXzyFx4vCj2z-kgvFkmg3OK9GGl3KdWfaKP-NJK_Qrn-P8EJmtYP1pp47saT-kpCqR5Jwot6m1IINASn7JpGTpl5FktQ294HroJ6yKoB-XRopWbN8CMSyRth8_aajm_J-pBYmQyQIbkb_oJ2NESt95nux106ezhvQBO-5BZcUN6yFPZq1RcCKk4YVcvgQhZEBypHSLjdGoX8MCx9AyPV6_tnJjEaFjgtbIOgox7KY9CrHkd4V706wCf4DbsgWS_6CkdbQQ-wyZEEL8ONnDIVM4VRzuNcnx2V1CxoSoZVrMzwFykA4o9rnJxCYoYlfJZ5Z4SC6FU_XrzoIcrKmYuQs2efaLEvkn5h857QLwI0P7Brx9JBxTll0FRye8B_nMKUIgkCz184UGqYshZL_0JLR8Cv5c0z430NRGsHUsotxYjkc4NzrHrqL21DepPqyiBx6IOEcDIhJ36VExy0ivGlNS5PJshBfNtzEDTCfDywN64BABaPTTFcfUCYTsTDb7ST4a7c7VbcG32z80uv650UdDwtLBUfCpwPcBh2aD3aoInoymA4JB8qtxVNntn65XZM4fX99ZliwzqVbUipHZNB5VjzFmAdqzP0IsDn3wqSZ7pRV-su9f6hrpgMlEEpRSO759XtkABixkQ_n8lxrS2edqrWzn6Cr186wmVymskTZU0pjPPIBIiCQQbjR4GAKSRXMf5tsPdK0tpUyOL3NPCx1sr9JayroT_MCJf-0l32_jRDuByu53Iq2LGYKhv1mLa9wXyx-I_yMlmy96w0u5PX4-BjpDq5M9CF_prWPopucQUFqo5dOCAabqDtdOgCgIzPEHc__SHJLrVB5K6g1JmjJqKDmZUR0GO9euvpfzJb8UkU2djRz5FpJi0LW5wBExPOfaZ1P1NJTLwTKyTEKy8859cV7RX5W2CRZhBmaoLkBv1Tm9kcoDoa-iho2lDqmXX3A3nSoR69D_k6j8nH1uK2Gf9lC1qVwAMEXwU1rlmvLjoYrkQypSbiYenPk-X87S-auVkf2UOxOdRGP0IbXqafZDp3lIobrSNrnzILduuMDhBzt4CdSrFtZhmJKPLPYO-gMdSLyaGrTnUtB09zszvCRuboMwyS9Y0kMV5xpPZjRsRpsvkyY-4uQOY3kQqH6LXIh5Z0P-_lMIsPVB5lUvzKocnK3gqrc3c9f95Ci_mWgW3aQtLAqxG1nRaV_8DmXQ44nyUnK66pXUIRVbUIGE5SV8lGBFi6mJbrgT-LpgIrGJ_AyrENrup_H_LBwZX9hANNBj8nGSwvXfoF9763a8L2vDkOEEACyluu-dAegzp5OGPMdSdcSqr6qQONBfWs5BEnwIEEDLncxyAGVBu0broV3DEG69-unaWBbiEFK_Bou0zTTkjI6pvVF9GPZDMq9IfsatfIovezSfPq1dHcQPTT17BR2OKhrBrQePPMqJ7dsm7fxX3UR9FuVMoFFLMX4RB5q6FmPH30ipz7pITMIN21PKiFIx-31DOC9RbdrKHGR7DZemUFgMbfNIGNup-lJru_-yOcjxEhXIhGGHi89uuFH2-yQ2dZe9tZGxtLiENTXYq03HfsG2amDlVAnI9DFAWtUHlAWeM10TecPWUbuJi5IMl6POE0MaAb4swxcnr0EevM3J0g&cid=CAQSPABpAlJWKTAjV-VNk8W0i_xZg4r3sdASqjCwd4qKtphtuRQXPNh2QKxOBGgtrae17XzV95t8YH11j7uwIhgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=7694688194193672000&adk=548554675&idt=161&cac=0&dtd=70
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c42eec61276b3b65bb70f1383f73437e43de68f57a5bacac54409cb95ad09111
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37573
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5544 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8879576855245&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5544 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8879576855245&version=m202307240101&ct=76&x=1&cor=7756739584864327000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5544 		95 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DdKROfYH8Wnp8mh5zrsCwAQMtSqcAuqncVyuGvFxPGDPiC5610J1pAZ9PPNIVeGIZiEgTIFHPWONHaadmUGv4tRvp66eC6O9ebAMIsSn13fcZDEJpm6Cev_Stx0ibzfwRDb4I31h0qDZpxv9uZpbagqqZFEd14w_z-W-YKepY2imcqGBI&dbm_d=AKAmf-AASyptqRMSZVCF5ZL47RTO2Snuz5b2DJYstl-N2grhV4tCNZb1t0Bn1FLsfrPQzZffNNCViarwaxlpg-IFffKnn-9DnBM2OeEj4jvNvGVeluInC30KOyMCFJW-aRdzVE30ITEr3XZgeyxLJS1EdNX1_y29Rm1m6HZJSpzLWnauW71XQjSxr1H_GN0y98GkrdCU2CdfGbjb278XZrB8x7-oikTYwrEPbcR8MaPxknlkpJmL3ZhZ8u47rZVj_r9S08ohEpTFkzkiyQ_5rShHAQjKt0Owk6L-9PBqZ2lGJloJobhYBnI4TvT1DXQgQXDaMtEtoYq7MKvIH0VvLJ89oC99ZmfpxqZyDXh2HsD8G2Ut_ryd6vRLE9kKVkzilf6UKz2W2HeTVnL8i3ggTmvKJc6k9SSpYezqvtdUB9rnKSUJLfbEjQhxkvCP_FYlipax_RFB8Ge70arMA9RAmXIYgFDnCBY-mgkyba4OgQByohUQiYmGvPCQDPhZPkH_b9DqVUSHIugSs-BXDkd3mBUyadqzSlGzscFKjoBEn9Bg6c6iu1pKyQEq4jS-0RXngW0Ae1EHmVL4C9N9GbCLOOclF12G72fiyb4Qd_GhMExYg7xsV9jpiMN1nWhGvW3nMrC8OEUyLrAbX5zHqli551tf1bU5aZjJ0tAVyp0qV9T7VJnbW687jiTzZMYFOyR0nbZ_eOykCCD-mkkuzHCuEDLPq73BdlQ29Oto-t0YWcZDXTNa_-YTxcK4anvqb4_d5cyyLRMrPpaikMIMdOphhvrzOTz7x6VpJij84VT1wcfok-4kXr5gI7E3YhRV9V5o__diJFI4IW9ZJikwHtZFdtEjiXHUip5n8_dnt6yScv5auzj7Ko4JjaPIW_WaEAdTg72VVxY9Ro_Ul5oo1DxjSCrGf2uJS8UCm86Q0My7FuIEB4cWmkd2krzJaU0XrR-iiNWJJI1fbZITK-dfeaJLZ5fFtu9dzF2d-X2PK0qi2myoQyezd4pMV9-YsJwdE-ybGxSafUtP_E6tL96t8pVdOAZ4bPXkVp53FfXAELggKVETe-kddrbKRxSIV8dJ_zU-msZtJCANHEJLUGBBx4JA4G_6DD92rzUnYKKVjst0tCEcROziJwp24-v9gzA8aZzVZp8DqCinj5BzoE9jdupTIcaDyvaQwl-3yLHBLnQw24GtbP1QDoDahWbjU2fH3dD1AAVAtoY8qXPpWUa06i1rTcEAeTyJnu_lLExmVGMmHTEaio77nlLSJcaXIvzYIzw3dhI_htbeDOH9AbmrN4CoIOE7C21wCeoBS8raGwMToU6uz7hXjtNn61np4-SVtizRH4PRy4sO80t2IGk2BuhmSJyDCT806WdfyjxqdPxr4UqXFd94HjT4y48P_yzu-64h65FFMRxG0D0o3mW5qNmOmZ7HRmykzNeDBNbKhW_FQNfFo83VDwTbwC--pi_YMFhMaUD11AjLDATMVzOnPsXWSt_7HH98yhWu3tmitn_TLgIinHzWAmgm1ZxBee-IHEuW36xxo0lI-diQitGQRIBU6q-r56NYd7on1jdoQZI7kkRYdAkDE-cMXYgxIjycC2YhueEY32OcVMyZ3I-aD-LZDqdyT6ZmxCLiSUnoywvCZoNvf-KEzDrurUE13X9DgSsflQJr4qWNxFrel-__fPj5ZzbpMUhx3q_dcjuWNypGIPJLHh2T5IA6aJ2dJUJmZvR1_S3lfBKEvuDRS2JUXcGpUCKtm72zEgHs5bqg0K8T8yamL8oOWEGIzwpzib8te0H5VX9G9pOvStItd69KuMhWiJcuGzOkrnLviSTqyexC1skKS5-_5-1jVld8lxijN3apt1sMkhtdv0w3yWI2vXxxCm2ieG7-iq3SJq93e7LFPFQ4P5XDusLr7BBJ44ipmAY_mOXsLoHtQW7QvvGoc9FHBEMySpMgtAGvGChFmj875_Sh3IeKSeNdNr5V_eSqDCUsABT7TUlIaxL6WQyLndhbdNFjVRD3LoQZUSKYH4ZO2snvz5Cva-8RwY5whabLyu-chmymzz75Y2qaU9jb6qsEQB_41ijIQ2D2Z4iTApffUpWk_5Q2fT8ycawwj9AXg6yNAvON9v7JgcwUq8oludAGzay_ji4wd-3Y5PRF4R-kSmvtoBkARah72EyT4j0_M1D5vNOd0LSRAf6ZMfsXnbKn60bXC4-P6iAMoGhrJ4_2ZvtrjURP4IH1-MJwfH316haglj7s-UhiJbP865ZE43GxBY5Lop3BFe0F_3Be57ofcrWFIXvz9U43srV1sShy1Mcq-foc5SrYLoAUtdqwzViH8EugxZul3qOiYvBRCq4z7TXhODQ5sLKoOU9ZhSEUzgTqHZlbOsuyr8ISyNe49webBPaRwmje1lX88h5sRJWG_bQqtX172a0uOqnmXFfPhlZ4pdtuL-sltT_c7erN6ZExfA0zhCFOFjWwte4wBxAyr-1FTdBUJQ1m_qxcXzJftuPps4L6798h4RjGmbz2BV30xcz8TmJas60wygbDJc64PG_BCSNq12D1qYdxZWtoAJvawl1aoYNNu9pWZai8R-YQsCQTiDNpODrkBYOS-Gxt0mphD6TkIPHaWhJd5bXhESQsQcwr5s2IJp6jYD3sEehZvIOzdPZxHRUF8Tfw7uV_T6t-PkF7UHDXq9spPL8NRIBm-56R3mlpyN4qwqTShl_Ew7o_yHrrQL3KUtWaX82zaHF3MSh_FNIrQdKpkQ5DnXqM2ZzghtswvC60dtdHH-HPvcqX1vgtjZtYV2DPLGlMzzqTxzD4SKcwL2SNSxAV79M0vSop2zxQoZtWmMqIVm-KPqvHvuxQguFUuwaLhXWmbVGD-q-pZrUoVy_PcYWSSjb3S4cZpumEtAz0bYBAerqoyopD6q3hjCPtfbqUhgApru87gstFX49ZaJRSoGG-E7SENQrMsKyDZ_cJohmeMcCTCxCMQr6OWqlfkFl6Ak-ZNlShfTNSbesxCn6J7IU-yDFkAopX8JoB4BopoomG2HVFOo9guS3gTqSrSv5ur7yahJqOovhv_UhQa_6hsMClyf_6T-bWfy22yPbrkMWu5pfp_e0LFMMN9afOHD-UQEgSWLBXzvqn7Uzm4ua0YmIO4SxjVhtybdoRarB6kVP8BxpzMujmIUaMKUpBhAHOT-czXxtJoq-c6WjOXBi7Lg4IpYnHO77mHLR7CxDMvhyq_Btcx3DMHfT9RqwpGwcFLqpjM_iVzgDvvcH1C1VH9DA6miLIO5kzdjVpcZCcmnQXGaUPLvyiH01MZJwzqWZhTPRBGP-WbkK4p4lBDEQAzYQIcCgTbPUBAihwLOZ-qpnDYZhx03l7UN2B15o_YCnlp2RwZoJG6bCkjSrEI3c_81RFfFWPVfjvIDT5qAfur63P9qkQ224NwlpXX-0XB8dRidoQL-R3VmU3l4TsA1yBqSVMMwXS18xq4e3Z6St2Q_aWe9SBK6rQ_6pR_fvVuFxEO9xk-zqqdO7jarKO0iDRB0JdhTZIfYQHwE5CSZ7Udxd2SSS6cmRGf2fdXljv1kvsjUL7gDBqMTXQVL8Edn5Q0nOGoh2-hR5ZMtUq_29DdAYVAVD-bxofqtSF98NSZr6MriJIAHyWx_bqKEKYz-2Zfjr6NcKQ161rwHE-USY6VM2gl3THmEIeeTV7dZWgUy2Xon76ZpFaY-rZerHA5ltI9__RLVIucfKRmMNrXTUZsM2nEKkTykepY4x1Ah94xhCMr6ScAe2LuIejjgK-7hrreWL2GVj-qHvqmcgWyoGbVHjpUnuCClmLL_OIobH_ZNo8GptTg-GhQr9ptCEmFCmnR40UiygDNdvRPlNX3x_V&cid=CAQSPABpAlJWKTAjV-VNk8W0i_xZg4r3sdASqjCwd4qKtphtuRQXPNh2QKxOBGgtrae17XzV95t8YH11j7uwIhgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=7756739584864327000&adk=72288713&idt=203&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a52b24971743a95b1653a9e971dc63dc76973ff2aba3e1f19fad2b440d9b1a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38840
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7622 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7284906445394&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7622 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7284906445394&version=m202307240101&ct=76&x=1&cor=18274985154457166000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 7622 		103 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CO_tFrkaDK-g_YdE-aaQL8cJhZCwRbbS6zSIbL8HMalSe9ak0YNf7K0SYkmZzz-SJDSby0T7UjZr95_mSyv-Wvkp5CQ7v4lHwxR_tuQD2WqqiPVtsw_z7lZa4uXgG_HXGp0RPMh9q0sldlqCAL6RgBz_cIdH7f-XdCQPEeOm2wJhCgJqA&dbm_d=AKAmf-BeiRj9srnbt2qPC9A2Fco4n-K0Y4A-rHFAtqSlx5mmfJAK5ogRlxOXdIr7M-OKET4X8CSsD-2QUHmRW1o5Vc3_gctLrI-rPaXLFmt6DXMjEOwYQX6mREBPP6RLexSPdQLHxwXCG2XVa9fVXrEQ4ilKv5ZmtDn2gwR4bpvWuYGUi8FQHLjix2uvqj1zA3SRynGOa--jL-8lNWTxWfricrChioTZH8rM7_QpX08iUMrsRzU8-98L8mRpy0zxeiGKXb5NOhXrQJNW8hTZrifXembctY1AXjqHAgZNPIWz4827v3FfwZ-KB4ZoBt1Xh2m7OZLNTP3PsOGKYLXkXymJXhb6gttPdYJGn9qtKAjx-2VkTwHo9rHw9bI4U-cu_A7oNlqERz7fipZzC30rIBRzacDFGZLchxQU9_hS-wiuCFiJdFGegqIDXi2vRlQlzzaYd2XT6x-qXSgHtq6rh03ACDRBMHPvF4hKu3Po-jhTRR8hMVAmziNp0iAN4gqwZQVwnVkiU0xPehPKxbee8XOeAgidyrdRJz4qsXxtBjd-Feos98HIMPhZTFs1DuXQAh6D13kRHxB5BIKyOv-Wtj_XHsFNBQ_-qhfcQ-5Hag1xzKl4wkcqEOCz-AhaCfhWlI_iqyu4EFxbzA4CARYZ_xW_RnFId4wld4d7SbJ8OAKPQlXVEc0m0Tc9zpvePj0AR9HIQvMh628IoCzZo5cA5SPyFpmfSqbLjx78uPHz9osyuhAD4CC7cmtMpzyRn8MQPGdGuoIE3AvbogRHLXVK2ZFnOOyABWurfpru6AiS50nWDMoioEMCEJZs2lhQjlLnyMD2oLyEXvtvdkodLUud9gxGpdcJIxs5kcMFTLEhdiJQN4N93G5YkZ229_qgsxW5qGOb3ETRp84jyd_DUZfs8mhG0VrjkxJtmBs2fdriEAdQgbIx0m4pwsXmAdpHuFkE407LSS7e43b0jFRQas1t_uFiSFPa8N7p9iNBiiW4iXb-Tk1GGbZwhtj4I-TztBqaWmkGJ2z57iluNJgF2qup0x3mn88Pz9VTqRa4sywdw5wPZQ9vEUrC85mWvvDcUIoFHymMs0bBv01nHREXmYYgO91QiGPH0ydtvtpw0jKpAX5IExo-v3-qFPWpgcni_7CnRSyEPPBw9sdlAN8vwBEOh-avgTfSCG6hfaOy9b2VAFkfGHE3QMcATRe1lhUNPCXHSE9mfK9LIaqx84kiFjtMu-atqx__WEqmGhCyqqhRukhcOD1HsAZDBtsVm5FeL-a6e5htnsi71GI9apStdYOzgcvnoQ45MDezBGAtVYN7cebI05Yj3RGEnLlFiacCknfNlz-DzGVIbCXbMMCnJ8n2Gc7yWGfCwKbKF9iqUvS17ci4LLtjbQI-sSeE9oByJfsuzveQAdsrC9rFbO51UCLLahfg7uYyj-ALqHcfbf5ikBWtUC0OZ-if7xi7PUospGsMmcR9KJ-6ra-qf-GkTKacmcIxJ_H1teE-gmuf8glHs3UGDjzYRr2m4srF_pCVImvxDA-wU85gPcT2rt12T--zDUa6tuZ2xSIns_FeEf_R6XdrLKKCilwpOUhxefwahrbfctGm1mVGvP1id2w_wpSgZqKBbdSfbtAJQGRn9XI8-70r-whYq9m7z2t-Cc1FGfoLNAjg1kMxNrr7rAlfhXWbrglwyUqzgTG-a37NVxUut1XOcy5U_T34cNm4a2OQNntqy720aEnfk1HYytHkAW9t_Sdipzy0RXDOakBzuo4mQd-UeMP8EZoMZdYWAbihhLK-FiGjCBpO5L3MT7wWfsu_kVL3oq5F-KfgBc7oj68h7wUUVgtA8vlQ_o0ul_CZIp6AQLGrsgGJqQapldCe8FqcjjtOHJUDbxol-DFWmfKyPdmFf0KtA7Grbkzz_OiPqsH7r2n9dfJ8D1D_QSqe0NcPfKo2mK7EtzIsMMFhH3ZUa1bD0gDccp0r_C5C6G029-OamnWx720H1iq7TttHPbwGUv7CB7y2KHysaw6czZGxHh7dH5oITba-sDgTP4IZvVrofBih49MC1PcxifUdgYhWlnpnw7ZhwQ34PpSU5-2Fsc_sPXgSaPc9hNAiGt2PcRzaysGVudYpoa_7d-dJE0cBtqL0ZOP5Jz-pkiplsKwhxHDsCyvAZyhtpUdak6tp2RcI8KZUopHl_zuUKZPV126nItLRUmMbqxrt4Dn6UlFtckuoQMJjig5aSAGJs-qujc0__FBhezLA9_823KHJ8hldMRCjFHSsApPBd10hOsiAnPS5LSre8U1TH3_qfKstcE6zte2nAovMATBfsphlD9mhuzoJBwHh6v8Y8Z5r_HZXheLxkzqYrW-M-NpN4QO9sJka0E4OsHSS1ca1vC1_SSNLYcpP2j_ktmefts4LLYr6HdDh0yEDInj6iI53IqzxfTasEzckku-HvleKlEX2dT9uxmAUXNXoM4i9JBwhX8hXaM6JN-sbHZrrhlGXsQ0kgiU55v6upxbT6AALk4sr9a0BPE7OLiRMj8x94aR2zz-gtgucB0_BgudWmPXWG3NozlurmfYQm7GYKYqXZJLtzsLE_s8haMT9CTUceAbAx3_l7pBMGMP7APOl2C8A3WCwNaI1zlM8Y38d4Lnu8EXsreCfnwx3FWtWqFnJBXJGv9DA2oiWtP1yW6oPkfeNGLv7x2FMRfmmgqSJEmi6SKtRNDTW1wpJ2BQpx_ohOOK2mxDS4HJEyS5Yj3fX-bCg3JiDwyNr0VReaVZ4-Lkg9JhAtJ3ggrh39Dd2BxAizzGb1CrNHK7Ld4WzMXoGEoaJu6qt4Jqk290A-BKQbMMMNzBvgx11ZHJQQRZ3Ezi43LCiYOe1vGkjWoM09HsEXOsxAK_4yNSqJjA8rxdMRy2kxlsGqWjnsHMk7iYmBBit9uh12Qr9cG_JBGzZXUAJUpY_ocOogPkMdromxc1CG7jBlgk1R2wDfwNl6B3EfqXVw3mmPtDyzlj15SysXqryrOfnRtLiDY8NLs4hg0m2J6WHtGyeOSDZ_SBFF3mkuZ68QcDSaTIjulMGDyAanGYbQA3NqXBqnVgZpHAmB_W41tBBVjt2-SG5l8Rw0m5Td5zbrjvyrNyHlBw0rylng53HooIkh4cJgNjl7UNQNFbz4Ico9SbjX6jkiZwakdBsYubbFd4ADz75idPIaA36_Md78jXvyUHwVCJXy8vmQaVN6XZN7Obuv7kyWVRetFPu4hCCnRiAVeYzBPjG59rgP7O7FARdUwpE6OA6woVX6F52VxQMA0oBS2P-C_T7VNGLBOaW4fCy8CJhw2p4kvqaodKN3xv-NFHvmoO5nK-5ySj6pDxo22X6BGevdOGZFLd0vhdU2z03SX08084Pm6hYDGoZQjPGteHUDWRy84stXKuCfV1ZmBgAC7u7N810AP07oPnBu_LsNQ11FashHSb6d7g0knjhSU6FaAWtHzNYqqfVE23GyOmiE1HMzNlffRgc-giAbf76VJxvgZmk0u_37W9shX4eKtzpLwSF_i-LIncyHELW_NM69pO1pnZ1oQEd-DqRHKmGki2FfzT0u6kr7WXQPlsIEZeiWsaMr3oAKr5ExBmj6DoDqRbDoFd8912C73Rc6sBK8iytoBRGC2Jdk0uMvi_fprmko23tcXVMDYITE_yy932H_BXtoFkMCyq4FqXsBnz8nMXPV1htZ3TYlht3H3WyuUnSbZBgWSnzwlAR8dYCggeQFNZDxpjh61wFB7yZv45HHnmiohy9XQbYLnzO22SQiMmXoA82qfIjoJBNNqZ_nfPwMQL0m-yqitblBrfDwQr7rDuTpWe4GRmE0fVaiq_linfkaPCd-HpHCIgOg6aP&cid=CAQSPABpAlJWKTAjV-VNk8W0i_xZg4r3sdASqjCwd4qKtphtuRQXPNh2QKxOBGgtrae17XzV95t8YH11j7uwIhgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=18274985154457166000&adk=531095043&idt=211&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9efc937921f32143bb9ff6026a84610dde3909d749563deb3ff75a7219a21f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39146
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame B0ED 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
Origin
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 18:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 18:51:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230731/r20110914/elements/html/ Frame B0ED 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230731/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUnDTKX4uBtVe93kiHs_h04YD9-3VJ1XGekTTplanPO1bx-r-QLHKq4r726_GHH--S1oG6UYpdaJ-79VrVkcD4DAJAiw&cry=1&dbm_d=AKAmf-CjNHZ52hJ90ZHtrWJiD965l2Esmowj5O-ez6odp5AATgkuY_a--oAPuYaTnknZjh4Yu44a5Y9A0-3y2pl1F2OOFZFbkUFh0wWwJrKmr9Tg071F48DLwmq5HQyRrOHbOlgY67LmuU3lFZmLpglXYXKH3ydmRkYqXEy1yHNaRgB34OtTk2JHyzuzuiemFJ6frmjog1BOz3PHkCAiHX-NomUrkD3HdOxHStCp5MXY-qssuEknnSwUoKhI0V5xQumTyi9c4MiJsx4RepXImjpfU3zDcY9bOeQz7MpKXNB7PysG-hNjnWVh17Jgqq95yq2CzF-5JHYJdqILWqXZ3dsU_IKjv0nm4Nru-S_PZoMTQ--YREbYDoWfuuyCGp_SepIh6ELLP7yzTbXI6nUXZukYO0n4zjesSzc5MqpWkFgYLYAzo-FMd49GylHB1Qgwuj5bSXgoFnp7fZZjEntBo2EQHekIhMPpcTzYNxhki-5xqn0b86XkWHLW03Fw0ZIzjQXclKgOxQKvewG6ncfWdkFX-0JotPXZXjzID-XPbPhZcJ00etOon5e__KvJPJi3zOCy0ShnCoAue1rhwNl-ZhFx0TcXBn-FaRwuxr4MnzWMrbGCCAnTlS_d1shyqxIYlGs_g-UbuwGMSKmsB7vwV9Ycc33Ez6gr-U_yKobbVF_3Ylt-XbFdQes5hepjv_52XE2Ks1RJctVH7faGc7RAlXKONYJXT5Op09qpqtW14E2YvxRsirxDqwBV6UsfZ0HBgbod-AvW5Uf0jbcBFaL8qqAkT1544NgxnXr8Anihp1zMx4NfFn7ThVi0ScWQGpO2ZdCIt-VsuOtb9A8hjxs7sga5L2tDNPzv4SU8_nP-c24MkYUMZAM7eh0ZupJO2D5GA6sfzkcjoe3InuM8Dxo9_iUW9RiN7ZiHBPEbR3j9QpNATdim0nuZead1w2oZDuyGMm-_owWIBHblzZfY9Gne1N7v4ybCR920nl6cf2Tte8MxamnM3A7SwXNaSFo566gNjbA4vYsjq9lF9GQUbjtKjQxW8cCuV8hM-JlEMhW4xumYDCi4duwq4Fw46DYJO4GiMDKoFIza9qlMDWez7zu7uDWrSykiPqN7EBF_nbwZw4Rh4F6uNlx_0qdAPe7aPvZwMTWOYoW-aCPbYKIH3zITgPEYc0BFkPNT_EeCjE__J3X5SNPgTxzBvykoxmHB8FxLGCFWyNVfUy3FtCWZf2mHPxmtuzEh52dA1zxzYYdGGiz2X4fUSYjn2PTvFozyy5EL2qy1tsoK7FFJl0fUc1ql9_OASXwDs2W4RfgSBwk1eU0_ySHS3OY2IB9C9jN7SLbHG3uJtHAAYkN943ysGf9qL0es5aQrAInzLIl-cJFZovBRV82slmAxpt4X9IXwrKczQrdT2tme-xFErn7AVpAHHIHVTUUIrHfGFI17wMNQ54B2se4QXxQxsQHFryhyeCe7LQ2V02hZO8fLUmrdoOOaLiLMUgflYWkOoNnJF60nXNBkriTkD-0z12MxvRLfjNN8hTO_WowhlXjJR-7Ffj6rfAiHuKEjueAEuP0Fak7a7KiD7ZB7_Mi0kGOS2iFKVaQRR93ZpkBNzvx8srrvLwqKi_cZ-rxTh1fwdlSsmilhVYgMUXxrvpif-ZMwdTE8Xvh8YHym_7c1gPj7P-9zFrydWIfNAYNi6Xo_235E9gnqWnUHnYm0kJdiLHWfv5uCWDqKjNueRBAuhq0YrQhXHPVl_HwlmdQvtBvMExsyim9CtykcVqtsWSYXzyFx4vCj2z-kgvFkmg3OK9GGl3KdWfaKP-NJK_Qrn-P8EJmtYP1pp47saT-kpCqR5Jwot6m1IINASn7JpGTpl5FktQ294HroJ6yKoB-XRopWbN8CMSyRth8_aajm_J-pBYmQyQIbkb_oJ2NESt95nux106ezhvQBO-5BZcUN6yFPZq1RcCKk4YVcvgQhZEBypHSLjdGoX8MCx9AyPV6_tnJjEaFjgtbIOgox7KY9CrHkd4V706wCf4DbsgWS_6CkdbQQ-wyZEEL8ONnDIVM4VRzuNcnx2V1CxoSoZVrMzwFykA4o9rnJxCYoYlfJZ5Z4SC6FU_XrzoIcrKmYuQs2efaLEvkn5h857QLwI0P7Brx9JBxTll0FRye8B_nMKUIgkCz184UGqYshZL_0JLR8Cv5c0z430NRGsHUsotxYjkc4NzrHrqL21DepPqyiBx6IOEcDIhJ36VExy0ivGlNS5PJshBfNtzEDTCfDywN64BABaPTTFcfUCYTsTDb7ST4a7c7VbcG32z80uv650UdDwtLBUfCpwPcBh2aD3aoInoymA4JB8qtxVNntn65XZM4fX99ZliwzqVbUipHZNB5VjzFmAdqzP0IsDn3wqSZ7pRV-su9f6hrpgMlEEpRSO759XtkABixkQ_n8lxrS2edqrWzn6Cr186wmVymskTZU0pjPPIBIiCQQbjR4GAKSRXMf5tsPdK0tpUyOL3NPCx1sr9JayroT_MCJf-0l32_jRDuByu53Iq2LGYKhv1mLa9wXyx-I_yMlmy96w0u5PX4-BjpDq5M9CF_prWPopucQUFqo5dOCAabqDtdOgCgIzPEHc__SHJLrVB5K6g1JmjJqKDmZUR0GO9euvpfzJb8UkU2djRz5FpJi0LW5wBExPOfaZ1P1NJTLwTKyTEKy8859cV7RX5W2CRZhBmaoLkBv1Tm9kcoDoa-iho2lDqmXX3A3nSoR69D_k6j8nH1uK2Gf9lC1qVwAMEXwU1rlmvLjoYrkQypSbiYenPk-X87S-auVkf2UOxOdRGP0IbXqafZDp3lIobrSNrnzILduuMDhBzt4CdSrFtZhmJKPLPYO-gMdSLyaGrTnUtB09zszvCRuboMwyS9Y0kMV5xpPZjRsRpsvkyY-4uQOY3kQqH6LXIh5Z0P-_lMIsPVB5lUvzKocnK3gqrc3c9f95Ci_mWgW3aQtLAqxG1nRaV_8DmXQ44nyUnK66pXUIRVbUIGE5SV8lGBFi6mJbrgT-LpgIrGJ_AyrENrup_H_LBwZX9hANNBj8nGSwvXfoF9763a8L2vDkOEEACyluu-dAegzp5OGPMdSdcSqr6qQONBfWs5BEnwIEEDLncxyAGVBu0broV3DEG69-unaWBbiEFK_Bou0zTTkjI6pvVF9GPZDMq9IfsatfIovezSfPq1dHcQPTT17BR2OKhrBrQePPMqJ7dsm7fxX3UR9FuVMoFFLMX4RB5q6FmPH30ipz7pITMIN21PKiFIx-31DOC9RbdrKHGR7DZemUFgMbfNIGNup-lJru_-yOcjxEhXIhGGHi89uuFH2-yQ2dZe9tZGxtLiENTXYq03HfsG2amDlVAnI9DFAWtUHlAWeM10TecPWUbuJi5IMl6POE0MaAb4swxcnr0EevM3J0g&cid=CAQSPABpAlJWKTAjV-VNk8W0i_xZg4r3sdASqjCwd4qKtphtuRQXPNh2QKxOBGgtrae17XzV95t8YH11j7uwIhgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=7694688194193672000&adk=548554675&idt=161&cac=0&dtd=70
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 02:55:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
32058
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 02:55:32 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230731/r20110914/ Frame B0ED 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230731/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUnDTKX4uBtVe93kiHs_h04YD9-3VJ1XGekTTplanPO1bx-r-QLHKq4r726_GHH--S1oG6UYpdaJ-79VrVkcD4DAJAiw&cry=1&dbm_d=AKAmf-CjNHZ52hJ90ZHtrWJiD965l2Esmowj5O-ez6odp5AATgkuY_a--oAPuYaTnknZjh4Yu44a5Y9A0-3y2pl1F2OOFZFbkUFh0wWwJrKmr9Tg071F48DLwmq5HQyRrOHbOlgY67LmuU3lFZmLpglXYXKH3ydmRkYqXEy1yHNaRgB34OtTk2JHyzuzuiemFJ6frmjog1BOz3PHkCAiHX-NomUrkD3HdOxHStCp5MXY-qssuEknnSwUoKhI0V5xQumTyi9c4MiJsx4RepXImjpfU3zDcY9bOeQz7MpKXNB7PysG-hNjnWVh17Jgqq95yq2CzF-5JHYJdqILWqXZ3dsU_IKjv0nm4Nru-S_PZoMTQ--YREbYDoWfuuyCGp_SepIh6ELLP7yzTbXI6nUXZukYO0n4zjesSzc5MqpWkFgYLYAzo-FMd49GylHB1Qgwuj5bSXgoFnp7fZZjEntBo2EQHekIhMPpcTzYNxhki-5xqn0b86XkWHLW03Fw0ZIzjQXclKgOxQKvewG6ncfWdkFX-0JotPXZXjzID-XPbPhZcJ00etOon5e__KvJPJi3zOCy0ShnCoAue1rhwNl-ZhFx0TcXBn-FaRwuxr4MnzWMrbGCCAnTlS_d1shyqxIYlGs_g-UbuwGMSKmsB7vwV9Ycc33Ez6gr-U_yKobbVF_3Ylt-XbFdQes5hepjv_52XE2Ks1RJctVH7faGc7RAlXKONYJXT5Op09qpqtW14E2YvxRsirxDqwBV6UsfZ0HBgbod-AvW5Uf0jbcBFaL8qqAkT1544NgxnXr8Anihp1zMx4NfFn7ThVi0ScWQGpO2ZdCIt-VsuOtb9A8hjxs7sga5L2tDNPzv4SU8_nP-c24MkYUMZAM7eh0ZupJO2D5GA6sfzkcjoe3InuM8Dxo9_iUW9RiN7ZiHBPEbR3j9QpNATdim0nuZead1w2oZDuyGMm-_owWIBHblzZfY9Gne1N7v4ybCR920nl6cf2Tte8MxamnM3A7SwXNaSFo566gNjbA4vYsjq9lF9GQUbjtKjQxW8cCuV8hM-JlEMhW4xumYDCi4duwq4Fw46DYJO4GiMDKoFIza9qlMDWez7zu7uDWrSykiPqN7EBF_nbwZw4Rh4F6uNlx_0qdAPe7aPvZwMTWOYoW-aCPbYKIH3zITgPEYc0BFkPNT_EeCjE__J3X5SNPgTxzBvykoxmHB8FxLGCFWyNVfUy3FtCWZf2mHPxmtuzEh52dA1zxzYYdGGiz2X4fUSYjn2PTvFozyy5EL2qy1tsoK7FFJl0fUc1ql9_OASXwDs2W4RfgSBwk1eU0_ySHS3OY2IB9C9jN7SLbHG3uJtHAAYkN943ysGf9qL0es5aQrAInzLIl-cJFZovBRV82slmAxpt4X9IXwrKczQrdT2tme-xFErn7AVpAHHIHVTUUIrHfGFI17wMNQ54B2se4QXxQxsQHFryhyeCe7LQ2V02hZO8fLUmrdoOOaLiLMUgflYWkOoNnJF60nXNBkriTkD-0z12MxvRLfjNN8hTO_WowhlXjJR-7Ffj6rfAiHuKEjueAEuP0Fak7a7KiD7ZB7_Mi0kGOS2iFKVaQRR93ZpkBNzvx8srrvLwqKi_cZ-rxTh1fwdlSsmilhVYgMUXxrvpif-ZMwdTE8Xvh8YHym_7c1gPj7P-9zFrydWIfNAYNi6Xo_235E9gnqWnUHnYm0kJdiLHWfv5uCWDqKjNueRBAuhq0YrQhXHPVl_HwlmdQvtBvMExsyim9CtykcVqtsWSYXzyFx4vCj2z-kgvFkmg3OK9GGl3KdWfaKP-NJK_Qrn-P8EJmtYP1pp47saT-kpCqR5Jwot6m1IINASn7JpGTpl5FktQ294HroJ6yKoB-XRopWbN8CMSyRth8_aajm_J-pBYmQyQIbkb_oJ2NESt95nux106ezhvQBO-5BZcUN6yFPZq1RcCKk4YVcvgQhZEBypHSLjdGoX8MCx9AyPV6_tnJjEaFjgtbIOgox7KY9CrHkd4V706wCf4DbsgWS_6CkdbQQ-wyZEEL8ONnDIVM4VRzuNcnx2V1CxoSoZVrMzwFykA4o9rnJxCYoYlfJZ5Z4SC6FU_XrzoIcrKmYuQs2efaLEvkn5h857QLwI0P7Brx9JBxTll0FRye8B_nMKUIgkCz184UGqYshZL_0JLR8Cv5c0z430NRGsHUsotxYjkc4NzrHrqL21DepPqyiBx6IOEcDIhJ36VExy0ivGlNS5PJshBfNtzEDTCfDywN64BABaPTTFcfUCYTsTDb7ST4a7c7VbcG32z80uv650UdDwtLBUfCpwPcBh2aD3aoInoymA4JB8qtxVNntn65XZM4fX99ZliwzqVbUipHZNB5VjzFmAdqzP0IsDn3wqSZ7pRV-su9f6hrpgMlEEpRSO759XtkABixkQ_n8lxrS2edqrWzn6Cr186wmVymskTZU0pjPPIBIiCQQbjR4GAKSRXMf5tsPdK0tpUyOL3NPCx1sr9JayroT_MCJf-0l32_jRDuByu53Iq2LGYKhv1mLa9wXyx-I_yMlmy96w0u5PX4-BjpDq5M9CF_prWPopucQUFqo5dOCAabqDtdOgCgIzPEHc__SHJLrVB5K6g1JmjJqKDmZUR0GO9euvpfzJb8UkU2djRz5FpJi0LW5wBExPOfaZ1P1NJTLwTKyTEKy8859cV7RX5W2CRZhBmaoLkBv1Tm9kcoDoa-iho2lDqmXX3A3nSoR69D_k6j8nH1uK2Gf9lC1qVwAMEXwU1rlmvLjoYrkQypSbiYenPk-X87S-auVkf2UOxOdRGP0IbXqafZDp3lIobrSNrnzILduuMDhBzt4CdSrFtZhmJKPLPYO-gMdSLyaGrTnUtB09zszvCRuboMwyS9Y0kMV5xpPZjRsRpsvkyY-4uQOY3kQqH6LXIh5Z0P-_lMIsPVB5lUvzKocnK3gqrc3c9f95Ci_mWgW3aQtLAqxG1nRaV_8DmXQ44nyUnK66pXUIRVbUIGE5SV8lGBFi6mJbrgT-LpgIrGJ_AyrENrup_H_LBwZX9hANNBj8nGSwvXfoF9763a8L2vDkOEEACyluu-dAegzp5OGPMdSdcSqr6qQONBfWs5BEnwIEEDLncxyAGVBu0broV3DEG69-unaWBbiEFK_Bou0zTTkjI6pvVF9GPZDMq9IfsatfIovezSfPq1dHcQPTT17BR2OKhrBrQePPMqJ7dsm7fxX3UR9FuVMoFFLMX4RB5q6FmPH30ipz7pITMIN21PKiFIx-31DOC9RbdrKHGR7DZemUFgMbfNIGNup-lJru_-yOcjxEhXIhGGHi89uuFH2-yQ2dZe9tZGxtLiENTXYq03HfsG2amDlVAnI9DFAWtUHlAWeM10TecPWUbuJi5IMl6POE0MaAb4swxcnr0EevM3J0g&cid=CAQSPABpAlJWKTAjV-VNk8W0i_xZg4r3sdASqjCwd4qKtphtuRQXPNh2QKxOBGgtrae17XzV95t8YH11j7uwIhgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=7694688194193672000&adk=548554675&idt=161&cac=0&dtd=70
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8441b850c7e2bfa72c090b01c2468fadb48dd4a71e97ae7b2f26f9ca238ae36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 18:03:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
63953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11554
x-xss-protection
0
server
cafe
etag
6686664146103606086
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 15 Aug 2023 18:03:57 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B0ED 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 23:47:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
388944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 23:47:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6E9C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30280
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 03:25:10 GMT
etag
48472445140208031
expires
Thu, 03 Aug 2023 03:25:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B0ED 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bcf7bc5e84340b80fb05a2240efc79e4325d8cd4372b865a3ab35f0e4343c14d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
bulk
trc.taboola.com/wallail-walla/log/3/ 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230731-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
16
date
Wed, 02 Aug 2023 11:49:50 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
13878
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-cph2320025-CPH
pragma
no-cache
server
nginx
x-timer
S1690976990.477518,VS0,VE16
content-type
image/gif
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 5544 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
Origin
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 20:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55516
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 20:24:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230731/r20110914/elements/html/ Frame 5544 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230731/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DdKROfYH8Wnp8mh5zrsCwAQMtSqcAuqncVyuGvFxPGDPiC5610J1pAZ9PPNIVeGIZiEgTIFHPWONHaadmUGv4tRvp66eC6O9ebAMIsSn13fcZDEJpm6Cev_Stx0ibzfwRDb4I31h0qDZpxv9uZpbagqqZFEd14w_z-W-YKepY2imcqGBI&dbm_d=AKAmf-AASyptqRMSZVCF5ZL47RTO2Snuz5b2DJYstl-N2grhV4tCNZb1t0Bn1FLsfrPQzZffNNCViarwaxlpg-IFffKnn-9DnBM2OeEj4jvNvGVeluInC30KOyMCFJW-aRdzVE30ITEr3XZgeyxLJS1EdNX1_y29Rm1m6HZJSpzLWnauW71XQjSxr1H_GN0y98GkrdCU2CdfGbjb278XZrB8x7-oikTYwrEPbcR8MaPxknlkpJmL3ZhZ8u47rZVj_r9S08ohEpTFkzkiyQ_5rShHAQjKt0Owk6L-9PBqZ2lGJloJobhYBnI4TvT1DXQgQXDaMtEtoYq7MKvIH0VvLJ89oC99ZmfpxqZyDXh2HsD8G2Ut_ryd6vRLE9kKVkzilf6UKz2W2HeTVnL8i3ggTmvKJc6k9SSpYezqvtdUB9rnKSUJLfbEjQhxkvCP_FYlipax_RFB8Ge70arMA9RAmXIYgFDnCBY-mgkyba4OgQByohUQiYmGvPCQDPhZPkH_b9DqVUSHIugSs-BXDkd3mBUyadqzSlGzscFKjoBEn9Bg6c6iu1pKyQEq4jS-0RXngW0Ae1EHmVL4C9N9GbCLOOclF12G72fiyb4Qd_GhMExYg7xsV9jpiMN1nWhGvW3nMrC8OEUyLrAbX5zHqli551tf1bU5aZjJ0tAVyp0qV9T7VJnbW687jiTzZMYFOyR0nbZ_eOykCCD-mkkuzHCuEDLPq73BdlQ29Oto-t0YWcZDXTNa_-YTxcK4anvqb4_d5cyyLRMrPpaikMIMdOphhvrzOTz7x6VpJij84VT1wcfok-4kXr5gI7E3YhRV9V5o__diJFI4IW9ZJikwHtZFdtEjiXHUip5n8_dnt6yScv5auzj7Ko4JjaPIW_WaEAdTg72VVxY9Ro_Ul5oo1DxjSCrGf2uJS8UCm86Q0My7FuIEB4cWmkd2krzJaU0XrR-iiNWJJI1fbZITK-dfeaJLZ5fFtu9dzF2d-X2PK0qi2myoQyezd4pMV9-YsJwdE-ybGxSafUtP_E6tL96t8pVdOAZ4bPXkVp53FfXAELggKVETe-kddrbKRxSIV8dJ_zU-msZtJCANHEJLUGBBx4JA4G_6DD92rzUnYKKVjst0tCEcROziJwp24-v9gzA8aZzVZp8DqCinj5BzoE9jdupTIcaDyvaQwl-3yLHBLnQw24GtbP1QDoDahWbjU2fH3dD1AAVAtoY8qXPpWUa06i1rTcEAeTyJnu_lLExmVGMmHTEaio77nlLSJcaXIvzYIzw3dhI_htbeDOH9AbmrN4CoIOE7C21wCeoBS8raGwMToU6uz7hXjtNn61np4-SVtizRH4PRy4sO80t2IGk2BuhmSJyDCT806WdfyjxqdPxr4UqXFd94HjT4y48P_yzu-64h65FFMRxG0D0o3mW5qNmOmZ7HRmykzNeDBNbKhW_FQNfFo83VDwTbwC--pi_YMFhMaUD11AjLDATMVzOnPsXWSt_7HH98yhWu3tmitn_TLgIinHzWAmgm1ZxBee-IHEuW36xxo0lI-diQitGQRIBU6q-r56NYd7on1jdoQZI7kkRYdAkDE-cMXYgxIjycC2YhueEY32OcVMyZ3I-aD-LZDqdyT6ZmxCLiSUnoywvCZoNvf-KEzDrurUE13X9DgSsflQJr4qWNxFrel-__fPj5ZzbpMUhx3q_dcjuWNypGIPJLHh2T5IA6aJ2dJUJmZvR1_S3lfBKEvuDRS2JUXcGpUCKtm72zEgHs5bqg0K8T8yamL8oOWEGIzwpzib8te0H5VX9G9pOvStItd69KuMhWiJcuGzOkrnLviSTqyexC1skKS5-_5-1jVld8lxijN3apt1sMkhtdv0w3yWI2vXxxCm2ieG7-iq3SJq93e7LFPFQ4P5XDusLr7BBJ44ipmAY_mOXsLoHtQW7QvvGoc9FHBEMySpMgtAGvGChFmj875_Sh3IeKSeNdNr5V_eSqDCUsABT7TUlIaxL6WQyLndhbdNFjVRD3LoQZUSKYH4ZO2snvz5Cva-8RwY5whabLyu-chmymzz75Y2qaU9jb6qsEQB_41ijIQ2D2Z4iTApffUpWk_5Q2fT8ycawwj9AXg6yNAvON9v7JgcwUq8oludAGzay_ji4wd-3Y5PRF4R-kSmvtoBkARah72EyT4j0_M1D5vNOd0LSRAf6ZMfsXnbKn60bXC4-P6iAMoGhrJ4_2ZvtrjURP4IH1-MJwfH316haglj7s-UhiJbP865ZE43GxBY5Lop3BFe0F_3Be57ofcrWFIXvz9U43srV1sShy1Mcq-foc5SrYLoAUtdqwzViH8EugxZul3qOiYvBRCq4z7TXhODQ5sLKoOU9ZhSEUzgTqHZlbOsuyr8ISyNe49webBPaRwmje1lX88h5sRJWG_bQqtX172a0uOqnmXFfPhlZ4pdtuL-sltT_c7erN6ZExfA0zhCFOFjWwte4wBxAyr-1FTdBUJQ1m_qxcXzJftuPps4L6798h4RjGmbz2BV30xcz8TmJas60wygbDJc64PG_BCSNq12D1qYdxZWtoAJvawl1aoYNNu9pWZai8R-YQsCQTiDNpODrkBYOS-Gxt0mphD6TkIPHaWhJd5bXhESQsQcwr5s2IJp6jYD3sEehZvIOzdPZxHRUF8Tfw7uV_T6t-PkF7UHDXq9spPL8NRIBm-56R3mlpyN4qwqTShl_Ew7o_yHrrQL3KUtWaX82zaHF3MSh_FNIrQdKpkQ5DnXqM2ZzghtswvC60dtdHH-HPvcqX1vgtjZtYV2DPLGlMzzqTxzD4SKcwL2SNSxAV79M0vSop2zxQoZtWmMqIVm-KPqvHvuxQguFUuwaLhXWmbVGD-q-pZrUoVy_PcYWSSjb3S4cZpumEtAz0bYBAerqoyopD6q3hjCPtfbqUhgApru87gstFX49ZaJRSoGG-E7SENQrMsKyDZ_cJohmeMcCTCxCMQr6OWqlfkFl6Ak-ZNlShfTNSbesxCn6J7IU-yDFkAopX8JoB4BopoomG2HVFOo9guS3gTqSrSv5ur7yahJqOovhv_UhQa_6hsMClyf_6T-bWfy22yPbrkMWu5pfp_e0LFMMN9afOHD-UQEgSWLBXzvqn7Uzm4ua0YmIO4SxjVhtybdoRarB6kVP8BxpzMujmIUaMKUpBhAHOT-czXxtJoq-c6WjOXBi7Lg4IpYnHO77mHLR7CxDMvhyq_Btcx3DMHfT9RqwpGwcFLqpjM_iVzgDvvcH1C1VH9DA6miLIO5kzdjVpcZCcmnQXGaUPLvyiH01MZJwzqWZhTPRBGP-WbkK4p4lBDEQAzYQIcCgTbPUBAihwLOZ-qpnDYZhx03l7UN2B15o_YCnlp2RwZoJG6bCkjSrEI3c_81RFfFWPVfjvIDT5qAfur63P9qkQ224NwlpXX-0XB8dRidoQL-R3VmU3l4TsA1yBqSVMMwXS18xq4e3Z6St2Q_aWe9SBK6rQ_6pR_fvVuFxEO9xk-zqqdO7jarKO0iDRB0JdhTZIfYQHwE5CSZ7Udxd2SSS6cmRGf2fdXljv1kvsjUL7gDBqMTXQVL8Edn5Q0nOGoh2-hR5ZMtUq_29DdAYVAVD-bxofqtSF98NSZr6MriJIAHyWx_bqKEKYz-2Zfjr6NcKQ161rwHE-USY6VM2gl3THmEIeeTV7dZWgUy2Xon76ZpFaY-rZerHA5ltI9__RLVIucfKRmMNrXTUZsM2nEKkTykepY4x1Ah94xhCMr6ScAe2LuIejjgK-7hrreWL2GVj-qHvqmcgWyoGbVHjpUnuCClmLL_OIobH_ZNo8GptTg-GhQr9ptCEmFCmnR40UiygDNdvRPlNX3x_V&cid=CAQSPABpAlJWKTAjV-VNk8W0i_xZg4r3sdASqjCwd4qKtphtuRQXPNh2QKxOBGgtrae17XzV95t8YH11j7uwIhgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=7756739584864327000&adk=72288713&idt=203&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 02:55:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
32058
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 02:55:32 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230731/r20110914/ Frame 5544 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230731/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DdKROfYH8Wnp8mh5zrsCwAQMtSqcAuqncVyuGvFxPGDPiC5610J1pAZ9PPNIVeGIZiEgTIFHPWONHaadmUGv4tRvp66eC6O9ebAMIsSn13fcZDEJpm6Cev_Stx0ibzfwRDb4I31h0qDZpxv9uZpbagqqZFEd14w_z-W-YKepY2imcqGBI&dbm_d=AKAmf-AASyptqRMSZVCF5ZL47RTO2Snuz5b2DJYstl-N2grhV4tCNZb1t0Bn1FLsfrPQzZffNNCViarwaxlpg-IFffKnn-9DnBM2OeEj4jvNvGVeluInC30KOyMCFJW-aRdzVE30ITEr3XZgeyxLJS1EdNX1_y29Rm1m6HZJSpzLWnauW71XQjSxr1H_GN0y98GkrdCU2CdfGbjb278XZrB8x7-oikTYwrEPbcR8MaPxknlkpJmL3ZhZ8u47rZVj_r9S08ohEpTFkzkiyQ_5rShHAQjKt0Owk6L-9PBqZ2lGJloJobhYBnI4TvT1DXQgQXDaMtEtoYq7MKvIH0VvLJ89oC99ZmfpxqZyDXh2HsD8G2Ut_ryd6vRLE9kKVkzilf6UKz2W2HeTVnL8i3ggTmvKJc6k9SSpYezqvtdUB9rnKSUJLfbEjQhxkvCP_FYlipax_RFB8Ge70arMA9RAmXIYgFDnCBY-mgkyba4OgQByohUQiYmGvPCQDPhZPkH_b9DqVUSHIugSs-BXDkd3mBUyadqzSlGzscFKjoBEn9Bg6c6iu1pKyQEq4jS-0RXngW0Ae1EHmVL4C9N9GbCLOOclF12G72fiyb4Qd_GhMExYg7xsV9jpiMN1nWhGvW3nMrC8OEUyLrAbX5zHqli551tf1bU5aZjJ0tAVyp0qV9T7VJnbW687jiTzZMYFOyR0nbZ_eOykCCD-mkkuzHCuEDLPq73BdlQ29Oto-t0YWcZDXTNa_-YTxcK4anvqb4_d5cyyLRMrPpaikMIMdOphhvrzOTz7x6VpJij84VT1wcfok-4kXr5gI7E3YhRV9V5o__diJFI4IW9ZJikwHtZFdtEjiXHUip5n8_dnt6yScv5auzj7Ko4JjaPIW_WaEAdTg72VVxY9Ro_Ul5oo1DxjSCrGf2uJS8UCm86Q0My7FuIEB4cWmkd2krzJaU0XrR-iiNWJJI1fbZITK-dfeaJLZ5fFtu9dzF2d-X2PK0qi2myoQyezd4pMV9-YsJwdE-ybGxSafUtP_E6tL96t8pVdOAZ4bPXkVp53FfXAELggKVETe-kddrbKRxSIV8dJ_zU-msZtJCANHEJLUGBBx4JA4G_6DD92rzUnYKKVjst0tCEcROziJwp24-v9gzA8aZzVZp8DqCinj5BzoE9jdupTIcaDyvaQwl-3yLHBLnQw24GtbP1QDoDahWbjU2fH3dD1AAVAtoY8qXPpWUa06i1rTcEAeTyJnu_lLExmVGMmHTEaio77nlLSJcaXIvzYIzw3dhI_htbeDOH9AbmrN4CoIOE7C21wCeoBS8raGwMToU6uz7hXjtNn61np4-SVtizRH4PRy4sO80t2IGk2BuhmSJyDCT806WdfyjxqdPxr4UqXFd94HjT4y48P_yzu-64h65FFMRxG0D0o3mW5qNmOmZ7HRmykzNeDBNbKhW_FQNfFo83VDwTbwC--pi_YMFhMaUD11AjLDATMVzOnPsXWSt_7HH98yhWu3tmitn_TLgIinHzWAmgm1ZxBee-IHEuW36xxo0lI-diQitGQRIBU6q-r56NYd7on1jdoQZI7kkRYdAkDE-cMXYgxIjycC2YhueEY32OcVMyZ3I-aD-LZDqdyT6ZmxCLiSUnoywvCZoNvf-KEzDrurUE13X9DgSsflQJr4qWNxFrel-__fPj5ZzbpMUhx3q_dcjuWNypGIPJLHh2T5IA6aJ2dJUJmZvR1_S3lfBKEvuDRS2JUXcGpUCKtm72zEgHs5bqg0K8T8yamL8oOWEGIzwpzib8te0H5VX9G9pOvStItd69KuMhWiJcuGzOkrnLviSTqyexC1skKS5-_5-1jVld8lxijN3apt1sMkhtdv0w3yWI2vXxxCm2ieG7-iq3SJq93e7LFPFQ4P5XDusLr7BBJ44ipmAY_mOXsLoHtQW7QvvGoc9FHBEMySpMgtAGvGChFmj875_Sh3IeKSeNdNr5V_eSqDCUsABT7TUlIaxL6WQyLndhbdNFjVRD3LoQZUSKYH4ZO2snvz5Cva-8RwY5whabLyu-chmymzz75Y2qaU9jb6qsEQB_41ijIQ2D2Z4iTApffUpWk_5Q2fT8ycawwj9AXg6yNAvON9v7JgcwUq8oludAGzay_ji4wd-3Y5PRF4R-kSmvtoBkARah72EyT4j0_M1D5vNOd0LSRAf6ZMfsXnbKn60bXC4-P6iAMoGhrJ4_2ZvtrjURP4IH1-MJwfH316haglj7s-UhiJbP865ZE43GxBY5Lop3BFe0F_3Be57ofcrWFIXvz9U43srV1sShy1Mcq-foc5SrYLoAUtdqwzViH8EugxZul3qOiYvBRCq4z7TXhODQ5sLKoOU9ZhSEUzgTqHZlbOsuyr8ISyNe49webBPaRwmje1lX88h5sRJWG_bQqtX172a0uOqnmXFfPhlZ4pdtuL-sltT_c7erN6ZExfA0zhCFOFjWwte4wBxAyr-1FTdBUJQ1m_qxcXzJftuPps4L6798h4RjGmbz2BV30xcz8TmJas60wygbDJc64PG_BCSNq12D1qYdxZWtoAJvawl1aoYNNu9pWZai8R-YQsCQTiDNpODrkBYOS-Gxt0mphD6TkIPHaWhJd5bXhESQsQcwr5s2IJp6jYD3sEehZvIOzdPZxHRUF8Tfw7uV_T6t-PkF7UHDXq9spPL8NRIBm-56R3mlpyN4qwqTShl_Ew7o_yHrrQL3KUtWaX82zaHF3MSh_FNIrQdKpkQ5DnXqM2ZzghtswvC60dtdHH-HPvcqX1vgtjZtYV2DPLGlMzzqTxzD4SKcwL2SNSxAV79M0vSop2zxQoZtWmMqIVm-KPqvHvuxQguFUuwaLhXWmbVGD-q-pZrUoVy_PcYWSSjb3S4cZpumEtAz0bYBAerqoyopD6q3hjCPtfbqUhgApru87gstFX49ZaJRSoGG-E7SENQrMsKyDZ_cJohmeMcCTCxCMQr6OWqlfkFl6Ak-ZNlShfTNSbesxCn6J7IU-yDFkAopX8JoB4BopoomG2HVFOo9guS3gTqSrSv5ur7yahJqOovhv_UhQa_6hsMClyf_6T-bWfy22yPbrkMWu5pfp_e0LFMMN9afOHD-UQEgSWLBXzvqn7Uzm4ua0YmIO4SxjVhtybdoRarB6kVP8BxpzMujmIUaMKUpBhAHOT-czXxtJoq-c6WjOXBi7Lg4IpYnHO77mHLR7CxDMvhyq_Btcx3DMHfT9RqwpGwcFLqpjM_iVzgDvvcH1C1VH9DA6miLIO5kzdjVpcZCcmnQXGaUPLvyiH01MZJwzqWZhTPRBGP-WbkK4p4lBDEQAzYQIcCgTbPUBAihwLOZ-qpnDYZhx03l7UN2B15o_YCnlp2RwZoJG6bCkjSrEI3c_81RFfFWPVfjvIDT5qAfur63P9qkQ224NwlpXX-0XB8dRidoQL-R3VmU3l4TsA1yBqSVMMwXS18xq4e3Z6St2Q_aWe9SBK6rQ_6pR_fvVuFxEO9xk-zqqdO7jarKO0iDRB0JdhTZIfYQHwE5CSZ7Udxd2SSS6cmRGf2fdXljv1kvsjUL7gDBqMTXQVL8Edn5Q0nOGoh2-hR5ZMtUq_29DdAYVAVD-bxofqtSF98NSZr6MriJIAHyWx_bqKEKYz-2Zfjr6NcKQ161rwHE-USY6VM2gl3THmEIeeTV7dZWgUy2Xon76ZpFaY-rZerHA5ltI9__RLVIucfKRmMNrXTUZsM2nEKkTykepY4x1Ah94xhCMr6ScAe2LuIejjgK-7hrreWL2GVj-qHvqmcgWyoGbVHjpUnuCClmLL_OIobH_ZNo8GptTg-GhQr9ptCEmFCmnR40UiygDNdvRPlNX3x_V&cid=CAQSPABpAlJWKTAjV-VNk8W0i_xZg4r3sdASqjCwd4qKtphtuRQXPNh2QKxOBGgtrae17XzV95t8YH11j7uwIhgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=7756739584864327000&adk=72288713&idt=203&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8441b850c7e2bfa72c090b01c2468fadb48dd4a71e97ae7b2f26f9ca238ae36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 18:03:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
63953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11554
x-xss-protection
0
server
cafe
etag
6686664146103606086
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 15 Aug 2023 18:03:57 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5544 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 23:47:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
388944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 23:47:26 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 7622 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
Origin
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 20:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55516
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 20:24:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230731/r20110914/elements/html/ Frame 7622 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230731/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CO_tFrkaDK-g_YdE-aaQL8cJhZCwRbbS6zSIbL8HMalSe9ak0YNf7K0SYkmZzz-SJDSby0T7UjZr95_mSyv-Wvkp5CQ7v4lHwxR_tuQD2WqqiPVtsw_z7lZa4uXgG_HXGp0RPMh9q0sldlqCAL6RgBz_cIdH7f-XdCQPEeOm2wJhCgJqA&dbm_d=AKAmf-BeiRj9srnbt2qPC9A2Fco4n-K0Y4A-rHFAtqSlx5mmfJAK5ogRlxOXdIr7M-OKET4X8CSsD-2QUHmRW1o5Vc3_gctLrI-rPaXLFmt6DXMjEOwYQX6mREBPP6RLexSPdQLHxwXCG2XVa9fVXrEQ4ilKv5ZmtDn2gwR4bpvWuYGUi8FQHLjix2uvqj1zA3SRynGOa--jL-8lNWTxWfricrChioTZH8rM7_QpX08iUMrsRzU8-98L8mRpy0zxeiGKXb5NOhXrQJNW8hTZrifXembctY1AXjqHAgZNPIWz4827v3FfwZ-KB4ZoBt1Xh2m7OZLNTP3PsOGKYLXkXymJXhb6gttPdYJGn9qtKAjx-2VkTwHo9rHw9bI4U-cu_A7oNlqERz7fipZzC30rIBRzacDFGZLchxQU9_hS-wiuCFiJdFGegqIDXi2vRlQlzzaYd2XT6x-qXSgHtq6rh03ACDRBMHPvF4hKu3Po-jhTRR8hMVAmziNp0iAN4gqwZQVwnVkiU0xPehPKxbee8XOeAgidyrdRJz4qsXxtBjd-Feos98HIMPhZTFs1DuXQAh6D13kRHxB5BIKyOv-Wtj_XHsFNBQ_-qhfcQ-5Hag1xzKl4wkcqEOCz-AhaCfhWlI_iqyu4EFxbzA4CARYZ_xW_RnFId4wld4d7SbJ8OAKPQlXVEc0m0Tc9zpvePj0AR9HIQvMh628IoCzZo5cA5SPyFpmfSqbLjx78uPHz9osyuhAD4CC7cmtMpzyRn8MQPGdGuoIE3AvbogRHLXVK2ZFnOOyABWurfpru6AiS50nWDMoioEMCEJZs2lhQjlLnyMD2oLyEXvtvdkodLUud9gxGpdcJIxs5kcMFTLEhdiJQN4N93G5YkZ229_qgsxW5qGOb3ETRp84jyd_DUZfs8mhG0VrjkxJtmBs2fdriEAdQgbIx0m4pwsXmAdpHuFkE407LSS7e43b0jFRQas1t_uFiSFPa8N7p9iNBiiW4iXb-Tk1GGbZwhtj4I-TztBqaWmkGJ2z57iluNJgF2qup0x3mn88Pz9VTqRa4sywdw5wPZQ9vEUrC85mWvvDcUIoFHymMs0bBv01nHREXmYYgO91QiGPH0ydtvtpw0jKpAX5IExo-v3-qFPWpgcni_7CnRSyEPPBw9sdlAN8vwBEOh-avgTfSCG6hfaOy9b2VAFkfGHE3QMcATRe1lhUNPCXHSE9mfK9LIaqx84kiFjtMu-atqx__WEqmGhCyqqhRukhcOD1HsAZDBtsVm5FeL-a6e5htnsi71GI9apStdYOzgcvnoQ45MDezBGAtVYN7cebI05Yj3RGEnLlFiacCknfNlz-DzGVIbCXbMMCnJ8n2Gc7yWGfCwKbKF9iqUvS17ci4LLtjbQI-sSeE9oByJfsuzveQAdsrC9rFbO51UCLLahfg7uYyj-ALqHcfbf5ikBWtUC0OZ-if7xi7PUospGsMmcR9KJ-6ra-qf-GkTKacmcIxJ_H1teE-gmuf8glHs3UGDjzYRr2m4srF_pCVImvxDA-wU85gPcT2rt12T--zDUa6tuZ2xSIns_FeEf_R6XdrLKKCilwpOUhxefwahrbfctGm1mVGvP1id2w_wpSgZqKBbdSfbtAJQGRn9XI8-70r-whYq9m7z2t-Cc1FGfoLNAjg1kMxNrr7rAlfhXWbrglwyUqzgTG-a37NVxUut1XOcy5U_T34cNm4a2OQNntqy720aEnfk1HYytHkAW9t_Sdipzy0RXDOakBzuo4mQd-UeMP8EZoMZdYWAbihhLK-FiGjCBpO5L3MT7wWfsu_kVL3oq5F-KfgBc7oj68h7wUUVgtA8vlQ_o0ul_CZIp6AQLGrsgGJqQapldCe8FqcjjtOHJUDbxol-DFWmfKyPdmFf0KtA7Grbkzz_OiPqsH7r2n9dfJ8D1D_QSqe0NcPfKo2mK7EtzIsMMFhH3ZUa1bD0gDccp0r_C5C6G029-OamnWx720H1iq7TttHPbwGUv7CB7y2KHysaw6czZGxHh7dH5oITba-sDgTP4IZvVrofBih49MC1PcxifUdgYhWlnpnw7ZhwQ34PpSU5-2Fsc_sPXgSaPc9hNAiGt2PcRzaysGVudYpoa_7d-dJE0cBtqL0ZOP5Jz-pkiplsKwhxHDsCyvAZyhtpUdak6tp2RcI8KZUopHl_zuUKZPV126nItLRUmMbqxrt4Dn6UlFtckuoQMJjig5aSAGJs-qujc0__FBhezLA9_823KHJ8hldMRCjFHSsApPBd10hOsiAnPS5LSre8U1TH3_qfKstcE6zte2nAovMATBfsphlD9mhuzoJBwHh6v8Y8Z5r_HZXheLxkzqYrW-M-NpN4QO9sJka0E4OsHSS1ca1vC1_SSNLYcpP2j_ktmefts4LLYr6HdDh0yEDInj6iI53IqzxfTasEzckku-HvleKlEX2dT9uxmAUXNXoM4i9JBwhX8hXaM6JN-sbHZrrhlGXsQ0kgiU55v6upxbT6AALk4sr9a0BPE7OLiRMj8x94aR2zz-gtgucB0_BgudWmPXWG3NozlurmfYQm7GYKYqXZJLtzsLE_s8haMT9CTUceAbAx3_l7pBMGMP7APOl2C8A3WCwNaI1zlM8Y38d4Lnu8EXsreCfnwx3FWtWqFnJBXJGv9DA2oiWtP1yW6oPkfeNGLv7x2FMRfmmgqSJEmi6SKtRNDTW1wpJ2BQpx_ohOOK2mxDS4HJEyS5Yj3fX-bCg3JiDwyNr0VReaVZ4-Lkg9JhAtJ3ggrh39Dd2BxAizzGb1CrNHK7Ld4WzMXoGEoaJu6qt4Jqk290A-BKQbMMMNzBvgx11ZHJQQRZ3Ezi43LCiYOe1vGkjWoM09HsEXOsxAK_4yNSqJjA8rxdMRy2kxlsGqWjnsHMk7iYmBBit9uh12Qr9cG_JBGzZXUAJUpY_ocOogPkMdromxc1CG7jBlgk1R2wDfwNl6B3EfqXVw3mmPtDyzlj15SysXqryrOfnRtLiDY8NLs4hg0m2J6WHtGyeOSDZ_SBFF3mkuZ68QcDSaTIjulMGDyAanGYbQA3NqXBqnVgZpHAmB_W41tBBVjt2-SG5l8Rw0m5Td5zbrjvyrNyHlBw0rylng53HooIkh4cJgNjl7UNQNFbz4Ico9SbjX6jkiZwakdBsYubbFd4ADz75idPIaA36_Md78jXvyUHwVCJXy8vmQaVN6XZN7Obuv7kyWVRetFPu4hCCnRiAVeYzBPjG59rgP7O7FARdUwpE6OA6woVX6F52VxQMA0oBS2P-C_T7VNGLBOaW4fCy8CJhw2p4kvqaodKN3xv-NFHvmoO5nK-5ySj6pDxo22X6BGevdOGZFLd0vhdU2z03SX08084Pm6hYDGoZQjPGteHUDWRy84stXKuCfV1ZmBgAC7u7N810AP07oPnBu_LsNQ11FashHSb6d7g0knjhSU6FaAWtHzNYqqfVE23GyOmiE1HMzNlffRgc-giAbf76VJxvgZmk0u_37W9shX4eKtzpLwSF_i-LIncyHELW_NM69pO1pnZ1oQEd-DqRHKmGki2FfzT0u6kr7WXQPlsIEZeiWsaMr3oAKr5ExBmj6DoDqRbDoFd8912C73Rc6sBK8iytoBRGC2Jdk0uMvi_fprmko23tcXVMDYITE_yy932H_BXtoFkMCyq4FqXsBnz8nMXPV1htZ3TYlht3H3WyuUnSbZBgWSnzwlAR8dYCggeQFNZDxpjh61wFB7yZv45HHnmiohy9XQbYLnzO22SQiMmXoA82qfIjoJBNNqZ_nfPwMQL0m-yqitblBrfDwQr7rDuTpWe4GRmE0fVaiq_linfkaPCd-HpHCIgOg6aP&cid=CAQSPABpAlJWKTAjV-VNk8W0i_xZg4r3sdASqjCwd4qKtphtuRQXPNh2QKxOBGgtrae17XzV95t8YH11j7uwIhgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=18274985154457166000&adk=531095043&idt=211&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 02:55:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
32058
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Aug 2023 02:55:32 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230731/r20110914/ Frame 7622 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230731/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CO_tFrkaDK-g_YdE-aaQL8cJhZCwRbbS6zSIbL8HMalSe9ak0YNf7K0SYkmZzz-SJDSby0T7UjZr95_mSyv-Wvkp5CQ7v4lHwxR_tuQD2WqqiPVtsw_z7lZa4uXgG_HXGp0RPMh9q0sldlqCAL6RgBz_cIdH7f-XdCQPEeOm2wJhCgJqA&dbm_d=AKAmf-BeiRj9srnbt2qPC9A2Fco4n-K0Y4A-rHFAtqSlx5mmfJAK5ogRlxOXdIr7M-OKET4X8CSsD-2QUHmRW1o5Vc3_gctLrI-rPaXLFmt6DXMjEOwYQX6mREBPP6RLexSPdQLHxwXCG2XVa9fVXrEQ4ilKv5ZmtDn2gwR4bpvWuYGUi8FQHLjix2uvqj1zA3SRynGOa--jL-8lNWTxWfricrChioTZH8rM7_QpX08iUMrsRzU8-98L8mRpy0zxeiGKXb5NOhXrQJNW8hTZrifXembctY1AXjqHAgZNPIWz4827v3FfwZ-KB4ZoBt1Xh2m7OZLNTP3PsOGKYLXkXymJXhb6gttPdYJGn9qtKAjx-2VkTwHo9rHw9bI4U-cu_A7oNlqERz7fipZzC30rIBRzacDFGZLchxQU9_hS-wiuCFiJdFGegqIDXi2vRlQlzzaYd2XT6x-qXSgHtq6rh03ACDRBMHPvF4hKu3Po-jhTRR8hMVAmziNp0iAN4gqwZQVwnVkiU0xPehPKxbee8XOeAgidyrdRJz4qsXxtBjd-Feos98HIMPhZTFs1DuXQAh6D13kRHxB5BIKyOv-Wtj_XHsFNBQ_-qhfcQ-5Hag1xzKl4wkcqEOCz-AhaCfhWlI_iqyu4EFxbzA4CARYZ_xW_RnFId4wld4d7SbJ8OAKPQlXVEc0m0Tc9zpvePj0AR9HIQvMh628IoCzZo5cA5SPyFpmfSqbLjx78uPHz9osyuhAD4CC7cmtMpzyRn8MQPGdGuoIE3AvbogRHLXVK2ZFnOOyABWurfpru6AiS50nWDMoioEMCEJZs2lhQjlLnyMD2oLyEXvtvdkodLUud9gxGpdcJIxs5kcMFTLEhdiJQN4N93G5YkZ229_qgsxW5qGOb3ETRp84jyd_DUZfs8mhG0VrjkxJtmBs2fdriEAdQgbIx0m4pwsXmAdpHuFkE407LSS7e43b0jFRQas1t_uFiSFPa8N7p9iNBiiW4iXb-Tk1GGbZwhtj4I-TztBqaWmkGJ2z57iluNJgF2qup0x3mn88Pz9VTqRa4sywdw5wPZQ9vEUrC85mWvvDcUIoFHymMs0bBv01nHREXmYYgO91QiGPH0ydtvtpw0jKpAX5IExo-v3-qFPWpgcni_7CnRSyEPPBw9sdlAN8vwBEOh-avgTfSCG6hfaOy9b2VAFkfGHE3QMcATRe1lhUNPCXHSE9mfK9LIaqx84kiFjtMu-atqx__WEqmGhCyqqhRukhcOD1HsAZDBtsVm5FeL-a6e5htnsi71GI9apStdYOzgcvnoQ45MDezBGAtVYN7cebI05Yj3RGEnLlFiacCknfNlz-DzGVIbCXbMMCnJ8n2Gc7yWGfCwKbKF9iqUvS17ci4LLtjbQI-sSeE9oByJfsuzveQAdsrC9rFbO51UCLLahfg7uYyj-ALqHcfbf5ikBWtUC0OZ-if7xi7PUospGsMmcR9KJ-6ra-qf-GkTKacmcIxJ_H1teE-gmuf8glHs3UGDjzYRr2m4srF_pCVImvxDA-wU85gPcT2rt12T--zDUa6tuZ2xSIns_FeEf_R6XdrLKKCilwpOUhxefwahrbfctGm1mVGvP1id2w_wpSgZqKBbdSfbtAJQGRn9XI8-70r-whYq9m7z2t-Cc1FGfoLNAjg1kMxNrr7rAlfhXWbrglwyUqzgTG-a37NVxUut1XOcy5U_T34cNm4a2OQNntqy720aEnfk1HYytHkAW9t_Sdipzy0RXDOakBzuo4mQd-UeMP8EZoMZdYWAbihhLK-FiGjCBpO5L3MT7wWfsu_kVL3oq5F-KfgBc7oj68h7wUUVgtA8vlQ_o0ul_CZIp6AQLGrsgGJqQapldCe8FqcjjtOHJUDbxol-DFWmfKyPdmFf0KtA7Grbkzz_OiPqsH7r2n9dfJ8D1D_QSqe0NcPfKo2mK7EtzIsMMFhH3ZUa1bD0gDccp0r_C5C6G029-OamnWx720H1iq7TttHPbwGUv7CB7y2KHysaw6czZGxHh7dH5oITba-sDgTP4IZvVrofBih49MC1PcxifUdgYhWlnpnw7ZhwQ34PpSU5-2Fsc_sPXgSaPc9hNAiGt2PcRzaysGVudYpoa_7d-dJE0cBtqL0ZOP5Jz-pkiplsKwhxHDsCyvAZyhtpUdak6tp2RcI8KZUopHl_zuUKZPV126nItLRUmMbqxrt4Dn6UlFtckuoQMJjig5aSAGJs-qujc0__FBhezLA9_823KHJ8hldMRCjFHSsApPBd10hOsiAnPS5LSre8U1TH3_qfKstcE6zte2nAovMATBfsphlD9mhuzoJBwHh6v8Y8Z5r_HZXheLxkzqYrW-M-NpN4QO9sJka0E4OsHSS1ca1vC1_SSNLYcpP2j_ktmefts4LLYr6HdDh0yEDInj6iI53IqzxfTasEzckku-HvleKlEX2dT9uxmAUXNXoM4i9JBwhX8hXaM6JN-sbHZrrhlGXsQ0kgiU55v6upxbT6AALk4sr9a0BPE7OLiRMj8x94aR2zz-gtgucB0_BgudWmPXWG3NozlurmfYQm7GYKYqXZJLtzsLE_s8haMT9CTUceAbAx3_l7pBMGMP7APOl2C8A3WCwNaI1zlM8Y38d4Lnu8EXsreCfnwx3FWtWqFnJBXJGv9DA2oiWtP1yW6oPkfeNGLv7x2FMRfmmgqSJEmi6SKtRNDTW1wpJ2BQpx_ohOOK2mxDS4HJEyS5Yj3fX-bCg3JiDwyNr0VReaVZ4-Lkg9JhAtJ3ggrh39Dd2BxAizzGb1CrNHK7Ld4WzMXoGEoaJu6qt4Jqk290A-BKQbMMMNzBvgx11ZHJQQRZ3Ezi43LCiYOe1vGkjWoM09HsEXOsxAK_4yNSqJjA8rxdMRy2kxlsGqWjnsHMk7iYmBBit9uh12Qr9cG_JBGzZXUAJUpY_ocOogPkMdromxc1CG7jBlgk1R2wDfwNl6B3EfqXVw3mmPtDyzlj15SysXqryrOfnRtLiDY8NLs4hg0m2J6WHtGyeOSDZ_SBFF3mkuZ68QcDSaTIjulMGDyAanGYbQA3NqXBqnVgZpHAmB_W41tBBVjt2-SG5l8Rw0m5Td5zbrjvyrNyHlBw0rylng53HooIkh4cJgNjl7UNQNFbz4Ico9SbjX6jkiZwakdBsYubbFd4ADz75idPIaA36_Md78jXvyUHwVCJXy8vmQaVN6XZN7Obuv7kyWVRetFPu4hCCnRiAVeYzBPjG59rgP7O7FARdUwpE6OA6woVX6F52VxQMA0oBS2P-C_T7VNGLBOaW4fCy8CJhw2p4kvqaodKN3xv-NFHvmoO5nK-5ySj6pDxo22X6BGevdOGZFLd0vhdU2z03SX08084Pm6hYDGoZQjPGteHUDWRy84stXKuCfV1ZmBgAC7u7N810AP07oPnBu_LsNQ11FashHSb6d7g0knjhSU6FaAWtHzNYqqfVE23GyOmiE1HMzNlffRgc-giAbf76VJxvgZmk0u_37W9shX4eKtzpLwSF_i-LIncyHELW_NM69pO1pnZ1oQEd-DqRHKmGki2FfzT0u6kr7WXQPlsIEZeiWsaMr3oAKr5ExBmj6DoDqRbDoFd8912C73Rc6sBK8iytoBRGC2Jdk0uMvi_fprmko23tcXVMDYITE_yy932H_BXtoFkMCyq4FqXsBnz8nMXPV1htZ3TYlht3H3WyuUnSbZBgWSnzwlAR8dYCggeQFNZDxpjh61wFB7yZv45HHnmiohy9XQbYLnzO22SQiMmXoA82qfIjoJBNNqZ_nfPwMQL0m-yqitblBrfDwQr7rDuTpWe4GRmE0fVaiq_linfkaPCd-HpHCIgOg6aP&cid=CAQSPABpAlJWKTAjV-VNk8W0i_xZg4r3sdASqjCwd4qKtphtuRQXPNh2QKxOBGgtrae17XzV95t8YH11j7uwIhgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=18274985154457166000&adk=531095043&idt=211&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8441b850c7e2bfa72c090b01c2468fadb48dd4a71e97ae7b2f26f9ca238ae36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 18:03:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
63953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11554
x-xss-protection
0
server
cafe
etag
6686664146103606086
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 15 Aug 2023 18:03:57 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7622 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 23:47:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
388944
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jul 2024 23:47:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8077 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30280
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 03:25:10 GMT
etag
48472445140208031
expires
Thu, 03 Aug 2023 03:25:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5544 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdfaf1494e9dc2a16a30af1a81a6c3bf6c35af2493044377b7e3d28861ddb49d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8B3E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30280
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 03:25:10 GMT
etag
48472445140208031
expires
Thu, 03 Aug 2023 03:25:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7622 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdd296ab322e7c6544b26dfaa32a80f974e3c1f574924c160a01e5ea6d4a771f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 235F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
367126
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 05:51:04 GMT
expires
Sun, 28 Jul 2024 05:51:04 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 02 Aug 2023 11:49:50 GMT
via
1.1 varnish
x-amz-request-id
DDQ4N5PH847FSFFN
age
12927
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
aqXZ5TfXP8iRdMdELepuMA5C/5ciFi+p6Ky8KbHabejFtNJHH4peFIuNVRC4MRKY5KotSYHDQrQ=
x-served-by
cache-cph2320025-CPH
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1690976991.579718,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
90
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1362
pixel
cm.g.doubleclick.net/ Frame 6E9C
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEIGDryXUOCBiIIB3YN15yKw&google_cver=1&google_push=AaAOQGG8AGSCJEzPBrntkngHl2qwJ9rHMXtNAxdNidbuNu2BD763FAKrNWEJU8dsXCODzTiqVNQx3htWuKee6i4vR1PzTVBbZPM2
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2A7AD850A6354339B09C1E152051765E&google_push=AaAOQGG8AGSCJEzPBrntkngHl2qwJ9rHMXtNAxdNidbuNu2BD763FAKrNWEJU8dsXCODzTiqVNQx3htWuKee6i4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2A7AD850A6354339B09C1E152051765E&google_push=AaAOQGG8AGSCJEzPBrntkngHl2qwJ9rHMXtNAxdNidbuNu2BD763FAKrNWEJU8dsXCODzTiqVNQx3htWuKee6i4vR1PzTVBbZPM2
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 02 Aug 2023 11:49:50 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2A7AD850A6354339B09C1E152051765E&google_push=AaAOQGG8AGSCJEzPBrntkngHl2qwJ9rHMXtNAxdNidbuNu2BD763FAKrNWEJU8dsXCODzTiqVNQx3htWuKee6i4vR1PzTVBbZPM2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 01 Aug 2023 11:49:50 GMT
google
match.adsrvr.org/track/cmf/ Frame 6E9C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIvmn_tVoBC3CurQ8qlrmsQ&google_cver=1&google_push=AaAOQGFAxeD7_lSVo1QeXk4fhWobWs4qRqoLyuaBJAVYhE9qjsqdpbRlOl_Gah3BEg-iWdIMCIYmyhLxkXeBvCTJU352G0eiVASC
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 6E9C 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKfl9y-yREaftSOVpyWJTgw&google_cver=1&google_push=AaAOQGG15LdKYH2f7DIY4c0peHwklkPHlQitVrj3Olvr_zjzIq-bs9UWY8r2HftrTTivGmxoKvk_rF0VNqi4j7gfMci3w2QK9JM
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 6E9C
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8pFJwlAMQgytA9WXigkpKA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8pFJwlAMQgytA9WXigkpKA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGH92_Hslwj--r8i7FT9bQ5_zkQ9W27OXd1XRxy0DXxUquTfr38MUHbCzDFbqLVuXX27M5gMxza509Doie5Gad6BfAUPdkCZ
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8pFJwlAMQgytA9WXigkpKA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGH92_Hslwj--r8i7FT9bQ5_zkQ9W27OXd1XRxy0DXxUquTfr38MUHbCzDFbqLVuXX27M5gMxza509Doie5Gad6BfAUPdkCZ
date
Wed, 02 Aug 2023 11:49:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 6E9C
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDVZHbieibr6ZMRRhY0e81c&google_cver=1&google_push=AaAOQGFa5-gmiYecu6SgGXOX3nLLitpFLReB_Ijt-MekKBelx-FRCl4C1KQxTfsp2nku6hgCnsMWmGR49A9NRabwZ...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDVZHbieibr6ZMRRhY0e81c&google_cver=1&google_push=AaAOQGFa5-gmiYecu6SgGXOX3nLLitpFLReB_Ijt-MekKBelx-FRCl4C1KQxTfsp2nku6hgCnsMWmGR49A9NRabwZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFa5-gmiYecu6SgGXOX3nLLitpFLReB_Ijt-MekKBelx-FRCl4C1KQxTfsp2nku6hgCnsMWmGR49A9NRabwZnHYAf8V2D5u&google_hm=HFVlsGZHfXGRSmJESuGNAQTf
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFa5-gmiYecu6SgGXOX3nLLitpFLReB_Ijt-MekKBelx-FRCl4C1KQxTfsp2nku6hgCnsMWmGR49A9NRabwZnHYAf8V2D5u&google_hm=HFVlsGZHfXGRSmJESuGNAQTf
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 02 Aug 2023 11:49:50 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFa5-gmiYecu6SgGXOX3nLLitpFLReB_Ijt-MekKBelx-FRCl4C1KQxTfsp2nku6hgCnsMWmGR49A9NRabwZnHYAf8V2D5u&google_hm=HFVlsGZHfXGRSmJESuGNAQTf
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 6E9C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEprlCHTwu-CEgoHNke_Njk&google_cver=1&google_push=AaAOQGHHwW2BeKCu5yZSZaCbOfVWtLonz3k9iI5c6nrY-Enn5yWIjLHtANaHLXR1Unzi8OTav0U_98Bxm1MV...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHHwW2BeKCu5yZSZaCbOfVWtLonz3k9iI5c6nrY-Enn5yWIjLHtANaHLXR1Unzi8OTav0U_98Bxm1MVT3CyPvFRQtgv1LDO
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHHwW2BeKCu5yZSZaCbOfVWtLonz3k9iI5c6nrY-Enn5yWIjLHtANaHLXR1Unzi8OTav0U_98Bxm1MVT3CyPvFRQtgv1LDO
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHHwW2BeKCu5yZSZaCbOfVWtLonz3k9iI5c6nrY-Enn5yWIjLHtANaHLXR1Unzi8OTav0U_98Bxm1MVT3CyPvFRQtgv1LDO
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 6E9C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.targeting.unrulymedia.com/csync/RX-7a457ebd-a963-49c3-b5a4-cd7d6143fdff-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGGi-mVyabhRuR5hLKeSi...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGGi-mVyabhRuR5hLKeSiYSd-9lgdXVg83FWSjMUwx0GQwpZA1o21dxvoKjI3k1ut_dlC5TOJk6VNLqwrasIKhhrWhviz2cw&google_hm=A3pFfr2pY0nDtaTNfWFD_f8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGGi-mVyabhRuR5hLKeSiYSd-9lgdXVg83FWSjMUwx0GQwpZA1o21dxvoKjI3k1ut_dlC5TOJk6VNLqwrasIKhhrWhviz2cw&google_hm=A3pFfr2pY0nDtaTNfWFD_f8
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGGi-mVyabhRuR5hLKeSiYSd-9lgdXVg83FWSjMUwx0GQwpZA1o21dxvoKjI3k1ut_dlC5TOJk6VNLqwrasIKhhrWhviz2cw&google_hm=A3pFfr2pY0nDtaTNfWFD_f8
date
Wed, 02 Aug 2023 11:49:50 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX7a457ebda96349c3b5a4cd7d6143fdff003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 6E9C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JqBlyaSsI8Q-FGAbHNIARzWOUBBoNjoQlIH2O05dcjBXoyyDvYPI81MlSeGQ5ffLYebXPp
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0FC8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
367126
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 05:51:04 GMT
expires
Sun, 28 Jul 2024 05:51:04 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/16325822350322053850/ Frame 8D7B 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16325822350322053850/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
259370cf0a380366a96e31df0d482d4d7c5d59f52788c3e4db0119493c8e50cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
366707
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1306
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 05:58:03 GMT
expires
Sun, 28 Jul 2024 05:58:03 GMT
last-modified
Mon, 15 May 2023 15:36:33 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B0ED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsttsvmOUfGc1pIpn0A8Jlk-P8C_bdTgGNmiKrnCyq61XfZLiWupwJDVJ-7cP32ahnJ_-gRMq7ClD4Cl6quLksR4YivmZqBCva1DYPW7WlGJTm9reKTk13FqtZuUIcxFgUoFiZskebbcQQk1t022HpatcUWHSPrHcUC1dRZmCpmnLeXACZnVgGW91hvztNZiXm0uKNcWQbSMGRs-YMH0GNi2OqkGZf0-WcniVz4tsSZkmrXaz4jsTWnuk1amXGVdg8nW1-iVN9w7fw6AlgEhb18WW21d6j-w3meu8DAGn81RN6mKSpqm9gLbG_05PYyDIaLHVTbzpiXlmWqPhKPRbDllJmJJhgDMYnEunv7PAHe22kgLwjmMxVn5iAFLNIfeARSDkhcEIqSArL6SoNAvGCrvbZOKtMIGHKdeW98jpuwg8tvsCY8_N8tV61xgU24Wdu7Srbb6yjh496b9tOkMvE6eUDkI5RygdruckqpX4F2nYS8j3yAHFazkyMtbDfRUX-20jwCl49v1AHPvnTU3KbzDDn2CY-TBWBw4H3emj2sGGDpGZm-R6awSFpL9lWp-JYkd66f5XWnAARw99mTYaJUyDAfVjBgrXkwCuF3WhhFIKpGpmc2m-M19LPqY0KYZq6AiDlAY-FlLEAZ8Wo2Wy1aGAvrSUCHdTLr1wH2bPVHM6mvmh_U4Dbl8TZA2B7FdnauWUWOwebT-mUXAhYUyLBjq7R3-78Aaf1j9EK0APV6zwz4Y26fDlQa6z1VJdKRg-e_Vl3cY6nYklHRoCVLQ8o3MqjSFWxkWd1KxdkBNuHzMlEh8bg4G1_wNm4GEP5ojEizGBBe6Wq9pZn7h7bHyKqOyTYm0rUn4DhRqj-k_21GAUKOtRg1Ct2lDdnXWtNAbXQQ1PbwzIvXd0u1KzFyrHFQK6QlZi9SVwrpfzxyjIDSzWPqtVx15nLnS3h-WNpBS1Ycw2gX03rOlZiqFrBxD6CU9ysyO8I-Wkg7XRZ81tbk4QA5Gu5-mdeaye8tQ1D1-C0x-iPr7FvBI-GO-TY2xbV6ZGJiquI14B1vrFjpgnQxf8Ce8tHZkoUmdSuRhmbDQN7YDe7sTjCVuyfwKHNO0Ps0Qi33aUiC8lawWcUOuo697fMrCiI6uA96vdLZ6Ly12UXC_1YR57xfrtfviOndhvPfKM4ZDfUwGimrZCJBg-6M_sJR6nS2vsMtfruDKNPO9Ab78vCL6rznSpDtSQm0b46OLv3v_JOrGrKTcmOJHqFI9Fh0zhxMTSLj5uBZccgzsV-8UjEZKbUyHemxDp7wyAiZT9waxde4&sai=AMfl-YR_8RgBQWDMZHVKb5UcxQU57_TUWH7srBkarQYqmeXX0PO1eGTBkhHNGz3IZMxwPko6Sb2vr5csfQe5Z9k8tXeDtsBxkgrqsBkyOgmmxhsyakl3WMVxzCg_v6-ddd5E35MTCgepvsFWI9d-XC3fv-BU4hNM2PnitHARHMWhQjyWU9N5Jhxj7ISIb4au5dYd5TTrEDVYmMYty5mVviOhi0GHBYAG9Pch3feDegWC72GixMqBc68_B56zBvH0t-7IOaNUhn8&sig=Cg0ArKJSzBnYaN0Nzk51EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=172&cbvp=1&cstd=170&cisv=r20230731.02024&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 02 Aug 2023 11:49:50 GMT
tag.tr
red.vtracy.de/ Frame B0ED 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://red.vtracy.de/tag.tr?tr_adid=k29986329_s3021957_p367017832_c191767345&tr_mid=0&tr_sync=true&tr_uid1=DC&t=1635071515&gdpr_consent=&gdpr=
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.63.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-63-153.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Wed, 02 Aug 2023 11:49:50 GMT
Server
Apache
Connection
keep-alive
transfer-encoding
chunked
Content-Type
text/javascript;charset=UTF-8
current
dclk-match.dotomi.com/match/bounce/ Frame 8077 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEN_IpUYpkm6tsgr20lBTj-Y&google_cver=1&google_push=AaAOQGFoUArRuuWgztFpYzYop3XORIKPgRJ0Q7xMOqUgZErRkcgaQCl5gpUGxYbv6bmQ6MuiWyq39Zd3Wu-3--zqb-VGFdvFSg
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 8077
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOOCc0xdC76js04Dx1ItrFw&google_cver=1&google_push=AaAOQGHU8AFP0JgDySVd-4uKpmyNTwuUqzXosnTsf9IHzMXblalJ8rZF3YZQJ5n76N2FV8BECzBqLGkR9KftRSxiX8N4PWwr9w&re...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOOCc0xdC76js04Dx1ItrFw&google_cver=1&google_push=AaAOQGHU8AFP0JgDySVd-4uKpmyNTwuUqzXosnTsf9IHzMXblalJ8rZF3YZQJ5n76N2FV8BECzBqLGkR9KftRSxiX8N4PWwr9w&...
43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOOCc0xdC76js04Dx1ItrFw&google_cver=1&google_push=AaAOQGHU8AFP0JgDySVd-4uKpmyNTwuUqzXosnTsf9IHzMXblalJ8rZF3YZQJ5n76N2FV8BECzBqLGkR9KftRSxiX8N4PWwr9w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHU8AFP0JgDySVd-4uKpmyNTwuUqzXosnTsf9IHzMXblalJ8rZF3YZQJ5n76N2FV8BECzBqLGkR9KftRSxiX8N4PWwr9w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7f0619912a359113-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
359
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOOCc0xdC76js04Dx1ItrFw&google_cver=1&google_push=AaAOQGHU8AFP0JgDySVd-4uKpmyNTwuUqzXosnTsf9IHzMXblalJ8rZF3YZQJ5n76N2FV8BECzBqLGkR9KftRSxiX8N4PWwr9w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGHU8AFP0JgDySVd-4uKpmyNTwuUqzXosnTsf9IHzMXblalJ8rZF3YZQJ5n76N2FV8BECzBqLGkR9KftRSxiX8N4PWwr9w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7f06198fb8a29113-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8077
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qa8vYd8eR623Xvy--Fhl3A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qa8vYd8eR623Xvy--Fhl3A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGFJCEipvg5bCkGFrzE0sllaN_pbuPOhkFx3ESQWGC2b9RXq2WTns4NI2rSpKuWNZWLf3-IkLv5g0eGN3CqATvd3zl-nw70
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qa8vYd8eR623Xvy--Fhl3A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGFJCEipvg5bCkGFrzE0sllaN_pbuPOhkFx3ESQWGC2b9RXq2WTns4NI2rSpKuWNZWLf3-IkLv5g0eGN3CqATvd3zl-nw70
date
Wed, 02 Aug 2023 11:49:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 8077
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDYcvhJpJAHMDht6d2JtE8c&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDYcvhJpJAHMDht6d2JtE8c&google_hm=ZMpC3hY46L-Ts4Y28pudWQAADHgAAAAB&google_nid=index&google_push=AaAOQGFU6sN5i9z7_nWhSbPZlHUowLCZjvW_l...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDYcvhJpJAHMDht6d2JtE8c&google_hm=ZMpC3hY46L-Ts4Y28pudWQAADHgAAAAB&google_nid=index&google_push=AaAOQGFU6sN5i9z7_nWhSbPZlHUowLCZjvW_l0Jt74Xj5JgTTglEHgZunRQr4dRHQiRhzdWVJu5BurUZ92mNGlD1skmpAgbGRqc
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Aug 2023 11:49:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDYcvhJpJAHMDht6d2JtE8c&google_hm=ZMpC3hY46L-Ts4Y28pudWQAADHgAAAAB&google_nid=index&google_push=AaAOQGFU6sN5i9z7_nWhSbPZlHUowLCZjvW_l0Jt74Xj5JgTTglEHgZunRQr4dRHQiRhzdWVJu5BurUZ92mNGlD1skmpAgbGRqc
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 8077
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDVZHbieibr6ZMRRhY0e81c&google_cver=1&google_push=AaAOQGF_O4-2YGKxMWQJhJxJQjFDzzgqUA0hUTIzZKS4UBR_yNKmWtLoxSkjumCvN1cJpTerpCszbQzFrpta-8Dsu...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDVZHbieibr6ZMRRhY0e81c&google_cver=1&google_push=AaAOQGF_O4-2YGKxMWQJhJxJQjFDzzgqUA0hUTIzZKS4UBR_yNKmWtLoxSkjumCvN1cJpTerpCszbQzFrpta-8Dsu...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGF_O4-2YGKxMWQJhJxJQjFDzzgqUA0hUTIzZKS4UBR_yNKmWtLoxSkjumCvN1cJpTerpCszbQzFrpta-8Dsu2YGPn4k8g&google_hm=HFVlsGZHfXGRSmJESuGNAQTf
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGF_O4-2YGKxMWQJhJxJQjFDzzgqUA0hUTIzZKS4UBR_yNKmWtLoxSkjumCvN1cJpTerpCszbQzFrpta-8Dsu2YGPn4k8g&google_hm=HFVlsGZHfXGRSmJESuGNAQTf
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 02 Aug 2023 11:49:50 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGF_O4-2YGKxMWQJhJxJQjFDzzgqUA0hUTIzZKS4UBR_yNKmWtLoxSkjumCvN1cJpTerpCszbQzFrpta-8Dsu2YGPn4k8g&google_hm=HFVlsGZHfXGRSmJESuGNAQTf
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8077
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEprlCHTwu-CEgoHNke_Njk&google_cver=1&google_push=AaAOQGEf4p4zK4VsU5dF-H9d3vYPSdQ0ImJ5GvzE9kvJ7ict64bcxmhfRp-mcR_08JZPmhejgHMo7_zsPTse...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEf4p4zK4VsU5dF-H9d3vYPSdQ0ImJ5GvzE9kvJ7ict64bcxmhfRp-mcR_08JZPmhejgHMo7_zsPTseH1duwiWMRz97ug
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEf4p4zK4VsU5dF-H9d3vYPSdQ0ImJ5GvzE9kvJ7ict64bcxmhfRp-mcR_08JZPmhejgHMo7_zsPTseH1duwiWMRz97ug
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEf4p4zK4VsU5dF-H9d3vYPSdQ0ImJ5GvzE9kvJ7ict64bcxmhfRp-mcR_08JZPmhejgHMo7_zsPTseH1duwiWMRz97ug
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 8077
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.targeting.unrulymedia.com/csync/RX-7a457ebd-a963-49c3-b5a4-cd7d6143fdff-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGEUExGRDHrxKvfl4zZwU...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGEUExGRDHrxKvfl4zZwUWdnkyF4TEP46FNsxJfivH2Aa5QuilCUffWjyw-Bq7O4OmHNx_Roo3iGOY2AhsdMx-CgWZNpFLY&google_hm=A3pFfr2pY0nDtaTNfWFD_f8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGEUExGRDHrxKvfl4zZwUWdnkyF4TEP46FNsxJfivH2Aa5QuilCUffWjyw-Bq7O4OmHNx_Roo3iGOY2AhsdMx-CgWZNpFLY&google_hm=A3pFfr2pY0nDtaTNfWFD_f8
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGEUExGRDHrxKvfl4zZwUWdnkyF4TEP46FNsxJfivH2Aa5QuilCUffWjyw-Bq7O4OmHNx_Roo3iGOY2AhsdMx-CgWZNpFLY&google_hm=A3pFfr2pY0nDtaTNfWFD_f8
date
Wed, 02 Aug 2023 11:49:50 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX7a457ebda96349c3b5a4cd7d6143fdff003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 8077 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LtPbxFLDgQ9lFQ2JzgT6wqfcYGneA6nN9N_A6x7isvqjmRrNuluwTdY8fKxZCPFI9c2_dM
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/16903489346352849191/ Frame A53C 		15 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=ceYuvTh8B1&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e728fe40da58cadf21a03d28ed7d43ccc98bc825c608596883052911b570476c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2271
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 11:49:50 GMT
expires
Thu, 01 Aug 2024 11:49:50 GMT
last-modified
Thu, 16 Feb 2023 16:01:06 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5544 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCJhVrSNE-ca7Ujx3leBEh33Ky-dtPHe4lDrE2UHBTNSEzwn0zTM0M5d7XlfEo-6tyrmrj06cMxxp_fcLS6-d1QidgaFnJOmNUqewpgd1-mYgfQYX3QalTIwqjLO-mZZ5nkhExJq4sitVzWkiFwrOlUnifMVKnW0_3_wq6pfiWU6D_wHVn1ufUMDDkbwULHkaYQt4iI3QmHw1KGM-EimX5nXVxW1TyRIO_VEMbATpUqiRUTeWorIDJ3odFewKvkkAXL4WSgqm-XFUj4eZOtFzlCTD3FuDcdmyehGGRSz3YmMshrCaEe4iQ9Yif9YYXkRL7xriGU6e_4leIFJT31VNZX9Zpe-Gn7sJ8OvIjAAnKqu6-WDcW-BndHp1w4-kk3I7CLc4h5vyiB29yVs4axAnOu2P7TTL6uFP8eVDS25KcRyw4QyjyqVUHf43SvlwMwIHTqDKjCzduXfSoFeHF2gZCp61P30X6H22k_qqafz2MwU07jK5pmcvkDbqHiKG2n_WqTw-az-eS9VvkmfmjK4Jsrhla0LFmTHJ-xiPsbBD9aKNcfjEE7SEUf7W9xgvSyecTwjgAb4OeY5WdUmb_xlTSHSu8tk_sXdBy7Hl_GNA5kMDLI-IwA-M2uJTNUHtrja_CkPOEs9ufnut70nj5CxUtMjvf2AGyO_2ogpd9tkGx_0ftQkQ2qh1BmNa7B27hUbrK3n4Aj80KaRWWKagDCI29bmko5i-xQiICnwLAtSRyk2Q6suKDf-MAncAjv5u728qsS20q6d1p7_ynCqnaPuT_vGuGTrchTaopu4_u9m9V9YYLA-4ELoE5BV53sucQYWQXGMC5MF5QT-9eel-u3_ylttDT5qpLo3OXkbh8JgQ26u2aDm5bKYCK4TkRvkhFRq9-Y3tr7H-WSzSaYJnHLGUxX6EyXKaWp1rhldok1lEWXc-bWOkZqtvQByb7_OY5C97WpVOAref1bI2SWz8GGJzTvuPtr_RR-3VE5Utdox2uZamg6B27fX4KLpV17u_ghjmdcazlskOsvebnBVRdayByqILK2yHMuaoZoP5FERXz0r_fE61rh0b6RJIBZZ3sdM6MNtCZEll9ck8AOxqkfCqMlXWHdkHIjVKBG1fPBZ_awf0aFvbL9mFLCljhpZwMsa0Asuc3xBJseTd4kKszJqQEnpmUN65WChxYdfIQRhxCpDN42u3o29zyYgBjaIHl7FFY1Rt51-vLYi53IetT6AQuLwHKzvglvDsDQmlM6gLoQ-hvIezGSEW7o8RF69g6BP0YuE1DebUolkZ5ddxAmqKpd3_24lwzzCxRzfvQC_QwM3d1jndAgUvnbrImiaXT5ePCCqDFyiR7aS4dXZXol3ib42nkPtlgwspQ6UXSCM9f&sai=AMfl-YSPUcsdWwGViiXtZgH5H5iRouu28dw00SNjZi0r_txyuFkbmVkLFO3PLRHx9PVHHoPUaf4hQ9qUxwboHlMIqeheAY-oJ0DkUmE2sEwzBOW6UNToJkuBHwpTJBA79yUBU7WzNfYkSfsmh1gDzxugun3NVuIttncc5j4sfNCtausUaOpw4Wp6owtOXPyl5aUoB0LZclF4pZH8vxPv3XdvJEKtXfMFvWSO1llyZmBO72Nyd9QJ83jlna5VCsbRISIcALq7lrk&sig=Cg0ArKJSzFgqotjccwK6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=149&cbvp=1&cstd=142&cisv=r20230731.13655&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 02 Aug 2023 11:49:50 GMT
index.html
s0.2mdn.net/sadbundle/6578138867263583433/ Frame 58AA 		673 B
521 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab994d90fb6b4e3841442d2a52de882b13b872c9f09c7765a55319aca262a71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
410
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 11:49:50 GMT
expires
Thu, 01 Aug 2024 11:49:50 GMT
last-modified
Mon, 10 Jul 2023 11:56:20 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7622 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssjl2L0-i-nwuakRv3rCzGBDFnrUxW6yTC5LbP3L7FlTNI9aDrNtpkKrBa2buIFaOxMv0Mqn5I9pJ33R1DkEndC-gEvEfTnCKGV6h6HYp3hULpUWG_Kjcm7pxbBjG42eB5UGCUt1D3BLeSTMCHHyo_WwN4u0b-ZVLEqSc8ImgftXQfn5B5Ut-ww1d9xdVaEOczE-hH5iMpzuDsfE1MUIEhOPS6NqLMUZAg02caF7XeqYjh1TtqGDP3HweZg4Mf7YG9pg0b-W9SwDf-2c4DtIUGWUfyMDKCx13qE6LiW2oYJr48aGxuCXCKtOsM8Ow9KZTL3sT4tihnUexUVvEsUEO6sewbRDwDDmYspv7-YgOnTKuBZHzhNbur6MYb7p76YUKOhsRv_AwfN-DfhHlGUaJaHfl5hRIi_PDXGEt9Ri0sLrBNMhQAxy3UOr-T6uIK4dHo5I9p9Ug2bTEu-yCkiFnX3cduGvlAvTLXjq3q8nfeIv2s-sdWgkGAVQsYyVEwk8XgSuERkjDa3zbXUqnjpBPGBnIR2Eo3tIyqBXWeuTZx2m4_AbFsjO7-f3_l5b1MttD57MJQbWw_u8_VmmqD5OwLcdoYfmWhWu2q_8MuPxb5ZGy_56wy__tO_I-MndICcIc2mrVvHcsZ0gD1AvsSwqKYA8q9tFydaXmDE5ARgVZLSr15PQ94Rz29NQDQNWf8kv7rryXLChqzAMFtE0DgmsJap07NZzr4vYrQg8ArZMRLu8et6B3VNISDSbLwDQKAl1pl5AR17qKmzbmJD1AUCCzpoV_obZ--d5QHJzlMJylfonQIwgZOHk7lp0HcCFvUcPyUD7aL7EiN-zDabYz8NkYU7OXkwMyQbGCq77JZdMdBV3jGImhkt31-QVje-UhYbH8_ucaWFhXZsrrP7UYkdZ53HvXG1uVcCyeXQNM-QE8-6lzMJkolyNgz3GBFPLQhWhmYynUmnsIXiAaAR5Qzhrkabdcd7_W5YJur1uZrBjEpLGc668OBhuR8CHI7zvqRW4k3V9zLkWhb6_sD3vf9MsOdVA3EpLiff3HrfDBHfq7V2VD0ld6QBwu3NWyeDTDCpvrWJuMmEjZCK5oiL6ChunYmn71octGMP3qYCmRxnb9KT51SxpQSvW6LJU_VDi_RkevoIziCDwuhcmo9BpRkEkSkl1AnF0fVC7kL0ivrNj7xRbhVCG98ehvkQ4i_JQxPG1bL4_GIvuFVyLT-303TB8bKGFsakNWa5KsiOTHYvNu0513r2lNIkUsuv6XDMYgI5cpMWC5nRoMzCqz_oIuRa90nU5OtMzpFTM-_TD2fMi2PCeApr7wUtHWYjVKsigpHT6J18RXq9Xlt_BDx6haZqF_CVsLzVgdcy0tZIFEs&sai=AMfl-YSUqSXHdblcAllEyxakWbJwtnitVSOcp_FMgf4Yaq5O5jOpcwtaI5mDtB1_eiRal_eIkHc4a9NiqADbaLfuX_b7R-t3z1nUnW5jq2uC0APcXLgBQltxRd9TEEBAgZtzEgP2z7H7ZGX1LFEDvYvVKLoQ2gkU_Mit-SqvXwvU5jzbrU3j9bTv68qSUTIgscucU8W67PZgm6Z6tkQNF65eJYtKl_cvU6-JwK5IBn1yepLkDW8AC709OofxjMorHI7OZnRY_9c&sig=Cg0ArKJSzDp5tDXlUScmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=151&cbvp=1&cstd=144&cisv=r20230731.90351&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 02 Aug 2023 11:49:50 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5B77 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
367126
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 05:51:04 GMT
expires
Sun, 28 Jul 2024 05:51:04 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
style.css
s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/ Frame 8D7B 		1 KB
472 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16325822350322053850/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3a62ce28a6b2342ee3b1cb6af4c227da5774fe49d128fbc5f471eb845e10b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16325822350322053850/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400935
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
443
x-xss-protection
0
last-modified
Mon, 15 May 2023 15:36:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jul 2024 20:27:35 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8D7B 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16325822350322053850/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16325822350322053850/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 11:49:50 GMT
main.js
s0.2mdn.net/sadbundle/16325822350322053850/javascripts/ Frame 8D7B 		1 KB
580 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16325822350322053850/javascripts/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16325822350322053850/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db2c529bd81e24285880e7644c808ece637a5e7d2ad1f757e87b131536890bf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16325822350322053850/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 14:58:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
593507
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
551
x-xss-protection
0
last-modified
Mon, 15 May 2023 15:36:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Jul 2024 14:58:03 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 58AA 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 06:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20256
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 06:12:14 GMT
template-43bf74fd.js
s0.2mdn.net/sadbundle/6578138867263583433/ Frame 58AA 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6578138867263583433/template-43bf74fd.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1083d32b6bd31c5bb8b662eb0bd3840484d66a62b699da6acd56b83f7ba05a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:58:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
359508
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13999
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:56:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 07:58:02 GMT
index-09647504.css
s0.2mdn.net/sadbundle/6578138867263583433/ Frame 58AA 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6578138867263583433/index-09647504.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09647504671a7ef9bb925c74c26e6be969edc1ded8ef8a94aa4b1ab1cdfc60af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 08:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
359340
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1375
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:56:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 08:00:50 GMT
1676550659977.css
s0.2mdn.net/sadbundle/16903489346352849191/ Frame A53C 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=ceYuvTh8B1&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4487a470b5b991aee82f852d6038c563fdf8e33f931870d00613828cca7aa619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=ceYuvTh8B1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 12:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342957
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2258
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:01:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 12:33:53 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame A53C 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=ceYuvTh8B1&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=ceYuvTh8B1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 05:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 05:58:17 GMT
1676550659977.js
s0.2mdn.net/sadbundle/16903489346352849191/ Frame A53C 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=ceYuvTh8B1&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=ceYuvTh8B1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 11:21:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433682
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5491
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:01:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jul 2024 11:21:48 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8B3E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFRNpvZnax1ZMRFZdts3BMI&google_cver=1&google_push=AaAOQGHS-66wNSqtHvW4naIEDK0xRj-f0ZnniHDI8o7eqzLRMSetIy7c3GXW376R17gbYKVNWbRh7ntHnB990s6BNTIyGxi52KQ9
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODIxNTkwNjIzMzk5NDc2NDc2NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFRNpvZnax1ZMRFZdts3BMI&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFRNpvZnax1ZMRFZdts3BMI&google_cver=1
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:49 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFRNpvZnax1ZMRFZdts3BMI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8B3E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKn5vTgZ67DhwWqMGFyeGFE&google_cver=1&google_push=AaAOQGFBbWE55xdvHXbCrj7EN30d0i08E9Ae6mLZWlX6crum36otSM0OjJ7cr73vr34oQFfls4hZHYzvnb1c5H4N...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFBbWE55xdvHXbCrj7EN30d0i08E9Ae6mLZWlX6crum36otSM0OjJ7cr73vr34oQFfls4hZHYzvnb1c5H4NUiLYNocsxd-a
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFBbWE55xdvHXbCrj7EN30d0i08E9Ae6mLZWlX6crum36otSM0OjJ7cr73vr34oQFfls4hZHYzvnb1c5H4NUiLYNocsxd-a
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 02 Aug 2023 11:49:50 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x29 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGFBbWE55xdvHXbCrj7EN30d0i08E9Ae6mLZWlX6crum36otSM0OjJ7cr73vr34oQFfls4hZHYzvnb1c5H4NUiLYNocsxd-a
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 02 Aug 2023 11:49:49 GMT
pixel
cm.g.doubleclick.net/ Frame 8B3E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENkR1s4gIetcYP5te-Z6sto&google_push=AaAOQGHd7c08SSOYXl_VXiq55mjdoUjUWtrXBGzN58Vhbaz6oQQkJ7PhsU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENkR1s4gIetcYP5te-Z6sto&google_push=AaAOQGHd7c08SSOYXl_VXiq55mjdoUjUWtrXBGzN58Vhbaz6oQQkJ7PhsUc3OySm5Y1159pNHgpj_mbQhFUeJFN4Z4Vb3lX5sdzz
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-cph2320056-CPH
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1690976991.850914,VS0,VE95
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENkR1s4gIetcYP5te-Z6sto&google_push=AaAOQGHd7c08SSOYXl_VXiq55mjdoUjUWtrXBGzN58Vhbaz6oQQkJ7PhsUc3OySm5Y1159pNHgpj_mbQhFUeJFN4Z4Vb3lX5sdzz
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 8B3E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEXKdZ-7kD4Schu9xy6zeTA&google_cver=1&google_push=AaAOQGHkNFtLZZr0T2uMvHdK2eT-Jx8cV6ieqgQuRMaodm011Qr1AYweIdsYnyKZ40fDeEa4SVI6rzHJ3DF5U--KUdHmH5I...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHkNFtLZZr0T2uMvHdK2eT-Jx8cV6ieqgQuRMaodm011Qr1AYweIdsYnyKZ40fDeEa4SVI6rzHJ3DF5U--KUdHmH5ImBgLM&google_hm=eS1GY2VjMmFCRTJwRWF0N1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHkNFtLZZr0T2uMvHdK2eT-Jx8cV6ieqgQuRMaodm011Qr1AYweIdsYnyKZ40fDeEa4SVI6rzHJ3DF5U--KUdHmH5ImBgLM&google_hm=eS1GY2VjMmFCRTJwRWF0N1lvdXFTUEtxZ1dhVWxjX2Jkb35B
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 02 Aug 2023 11:49:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHkNFtLZZr0T2uMvHdK2eT-Jx8cV6ieqgQuRMaodm011Qr1AYweIdsYnyKZ40fDeEa4SVI6rzHJ3DF5U--KUdHmH5ImBgLM&google_hm=eS1GY2VjMmFCRTJwRWF0N1lvdXFTUEtxZ1dhVWxjX2Jkb35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8B3E
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDVZHbieibr6ZMRRhY0e81c&google_cver=1&google_push=AaAOQGH8CzdArx2K1MitwzUq9q738f0gkPUzwCsjPmqgSqHYIzgXwtiKvz-6dI3i0JmVkZSt83MQjfrgEf78ms5r1...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGH8CzdArx2K1MitwzUq9q738f0gkPUzwCsjPmqgSqHYIzgXwtiKvz-6dI3i0JmVkZSt83MQjfrgEf78ms5r1Lrk_Jxgn3ty&google_hm=HFVlsGZHfXGRSmJESuGNAQTf
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGH8CzdArx2K1MitwzUq9q738f0gkPUzwCsjPmqgSqHYIzgXwtiKvz-6dI3i0JmVkZSt83MQjfrgEf78ms5r1Lrk_Jxgn3ty&google_hm=HFVlsGZHfXGRSmJESuGNAQTf
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 02 Aug 2023 11:49:50 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGH8CzdArx2K1MitwzUq9q738f0gkPUzwCsjPmqgSqHYIzgXwtiKvz-6dI3i0JmVkZSt83MQjfrgEf78ms5r1Lrk_Jxgn3ty&google_hm=HFVlsGZHfXGRSmJESuGNAQTf
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8B3E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEprlCHTwu-CEgoHNke_Njk&google_cver=1&google_push=AaAOQGGRxMCJNaD8ZvxnmQotP9gGIryWskOZ2zT0zzXUw_0Z8U9vYz1N2679eOzHueEKiDE-0vsOhkRNq7KB...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGRxMCJNaD8ZvxnmQotP9gGIryWskOZ2zT0zzXUw_0Z8U9vYz1N2679eOzHueEKiDE-0vsOhkRNq7KBRxmQu0vzZsYtk_w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGRxMCJNaD8ZvxnmQotP9gGIryWskOZ2zT0zzXUw_0Z8U9vYz1N2679eOzHueEKiDE-0vsOhkRNq7KBRxmQu0vzZsYtk_w
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGRxMCJNaD8ZvxnmQotP9gGIryWskOZ2zT0zzXUw_0Z8U9vYz1N2679eOzHueEKiDE-0vsOhkRNq7KBRxmQu0vzZsYtk_w
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync.smartadserver.com/api/ Frame 8B3E 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEISj4hQjTfJ7ZASIePHVl6g&google_cver=1&google_push=AaAOQGEBma_ZIqbGvCyzDS_8ibvnGNwGdrg4-42tVfLjF6LRVQ07Aekiv9HsQInPm4OZUZAbiKaoe8RFVxbirwwtnuR5swGH4nM
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 8B3E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LI-3j_33NrzH2uk4k-dHblPgQ5MhZ7mRzIXUoNlBzpz39Bg-Cs0hMA7lwQGh_8ko4GptjS
Requested by
Host: 1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
URL: https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
pagead2.googlesyndication.com/bg/ Frame 235F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 09:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14619
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Aug 2024 09:08:09 GMT
fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
pagead2.googlesyndication.com/bg/ Frame 0FC8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 09:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14619
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Aug 2024 09:08:09 GMT
fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
pagead2.googlesyndication.com/bg/ Frame 5B77 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 09:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14619
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Aug 2024 09:08:09 GMT
bg3.jpg
s0.2mdn.net/sadbundle/16325822350322053850/images/ Frame 8D7B 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16325822350322053850/images/bg3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d845af1f0c23a4d6e415a829ee32ecd3b051e1b9539970687046dd38ae78c98d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 06:16:07 GMT
x-content-type-options
nosniff
age
365623
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25316
x-xss-protection
0
last-modified
Mon, 15 May 2023 15:36:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 06:16:07 GMT
bg2.jpg
s0.2mdn.net/sadbundle/16325822350322053850/images/ Frame 8D7B 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16325822350322053850/images/bg2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861ac263132d0b6dff10b6b5a7c51c290e45f257bb628c92016f5a0790543516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:14:13 GMT
x-content-type-options
nosniff
age
315337
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51515
x-xss-protection
0
last-modified
Mon, 15 May 2023 15:36:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 20:14:13 GMT
bg1.jpg
s0.2mdn.net/sadbundle/16325822350322053850/images/ Frame 8D7B 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16325822350322053850/images/bg1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc6edb8c4cd1b734aa8792ff58881ffe0ef9c71ebea0ce2434febd071224b707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 08:26:06 GMT
x-content-type-options
nosniff
age
357824
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47375
x-xss-protection
0
last-modified
Mon, 15 May 2023 15:36:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 08:26:06 GMT
logos.png
s0.2mdn.net/sadbundle/16325822350322053850/images/ Frame 8D7B 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16325822350322053850/images/logos.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44eeb4568b704c0f0a9909aed03ad7458799c0face22b0b8d1333ce5cbd5cfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 16:13:30 GMT
x-content-type-options
nosniff
age
416180
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5232
x-xss-protection
0
last-modified
Mon, 15 May 2023 15:36:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jul 2024 16:13:30 GMT
push01.png
s0.2mdn.net/sadbundle/16325822350322053850/images/ Frame 8D7B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16325822350322053850/images/push01.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c877d16fba023f3bd02c5a3a27a9e70886fab643d424a2e5ff2707f6b545f78b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 10:18:18 GMT
x-content-type-options
nosniff
age
351092
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6031
x-xss-protection
0
last-modified
Mon, 15 May 2023 15:36:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 10:18:18 GMT
push01b.png
s0.2mdn.net/sadbundle/16325822350322053850/images/ Frame 8D7B 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16325822350322053850/images/push01b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9966325185672707cb236f7080ded8154b0d073f9fb42b90f4e39009f2973e88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 23:53:04 GMT
x-content-type-options
nosniff
age
388606
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7762
x-xss-protection
0
last-modified
Mon, 15 May 2023 15:36:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jul 2024 23:53:04 GMT
push02.png
s0.2mdn.net/sadbundle/16325822350322053850/images/ Frame 8D7B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16325822350322053850/images/push02.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b83f885e4b5c5702a89c7ab944f16e40f1a59b33157baa872196124d128e68cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 03:28:33 GMT
x-content-type-options
nosniff
age
375677
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6513
x-xss-protection
0
last-modified
Mon, 15 May 2023 15:36:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 03:28:33 GMT
push02b.png
s0.2mdn.net/sadbundle/16325822350322053850/images/ Frame 8D7B 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16325822350322053850/images/push02b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ac4d31233baa94433f305d393674f22af5cca5e2f4c7b555c06d602135bcd13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 08:05:33 GMT
x-content-type-options
nosniff
age
359057
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7256
x-xss-protection
0
last-modified
Mon, 15 May 2023 15:36:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 08:05:33 GMT
cta.png
s0.2mdn.net/sadbundle/16325822350322053850/images/ Frame 8D7B 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16325822350322053850/images/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46d23daa0a57a967ac07f516491d96b833bf2b56152dd035e85cb8ba89716bf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16325822350322053850/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 06:15:42 GMT
x-content-type-options
nosniff
age
365648
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6642
x-xss-protection
0
last-modified
Mon, 15 May 2023 15:36:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 06:15:42 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B0ED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsttsvmOUfGc1pIpn0A8Jlk-P8C_bdTgGNmiKrnCyq61XfZLiWupwJDVJ-7cP32ahnJ_-gRMq7ClD4Cl6quLksR4YivmZqBCva1DYPW7WlGJTm9reKTk13FqtZuUIcxFgUoFiZskebbcQQk1t022HpatcUWHSPrHcUC1dRZmCpmnLeXACZnVgGW91hvztNZiXm0uKNcWQbSMGRs-YMH0GNi2OqkGZf0-WcniVz4tsSZkmrXaz4jsTWnuk1amXGVdg8nW1-iVN9w7fw6AlgEhb18WW21d6j-w3meu8DAGn81RN6mKSpqm9gLbG_05PYyDIaLHVTbzpiXlmWqPhKPRbDllJmJJhgDMYnEunv7PAHe22kgLwjmMxVn5iAFLNIfeARSDkhcEIqSArL6SoNAvGCrvbZOKtMIGHKdeW98jpuwg8tvsCY8_N8tV61xgU24Wdu7Srbb6yjh496b9tOkMvE6eUDkI5RygdruckqpX4F2nYS8j3yAHFazkyMtbDfRUX-20jwCl49v1AHPvnTU3KbzDDn2CY-TBWBw4H3emj2sGGDpGZm-R6awSFpL9lWp-JYkd66f5XWnAARw99mTYaJUyDAfVjBgrXkwCuF3WhhFIKpGpmc2m-M19LPqY0KYZq6AiDlAY-FlLEAZ8Wo2Wy1aGAvrSUCHdTLr1wH2bPVHM6mvmh_U4Dbl8TZA2B7FdnauWUWOwebT-mUXAhYUyLBjq7R3-78Aaf1j9EK0APV6zwz4Y26fDlQa6z1VJdKRg-e_Vl3cY6nYklHRoCVLQ8o3MqjSFWxkWd1KxdkBNuHzMlEh8bg4G1_wNm4GEP5ojEizGBBe6Wq9pZn7h7bHyKqOyTYm0rUn4DhRqj-k_21GAUKOtRg1Ct2lDdnXWtNAbXQQ1PbwzIvXd0u1KzFyrHFQK6QlZi9SVwrpfzxyjIDSzWPqtVx15nLnS3h-WNpBS1Ycw2gX03rOlZiqFrBxD6CU9ysyO8I-Wkg7XRZ81tbk4QA5Gu5-mdeaye8tQ1D1-C0x-iPr7FvBI-GO-TY2xbV6ZGJiquI14B1vrFjpgnQxf8Ce8tHZkoUmdSuRhmbDQN7YDe7sTjCVuyfwKHNO0Ps0Qi33aUiC8lawWcUOuo697fMrCiI6uA96vdLZ6Ly12UXC_1YR57xfrtfviOndhvPfKM4ZDfUwGimrZCJBg-6M_sJR6nS2vsMtfruDKNPO9Ab78vCL6rznSpDtSQm0b46OLv3v_JOrGrKTcmOJHqFI9Fh0zhxMTSLj5uBZccgzsV-8UjEZKbUyHemxDp7wyAiZT9waxde4&sai=AMfl-YR_8RgBQWDMZHVKb5UcxQU57_TUWH7srBkarQYqmeXX0PO1eGTBkhHNGz3IZMxwPko6Sb2vr5csfQe5Z9k8tXeDtsBxkgrqsBkyOgmmxhsyakl3WMVxzCg_v6-ddd5E35MTCgepvsFWI9d-XC3fv-BU4hNM2PnitHARHMWhQjyWU9N5Jhxj7ISIb4au5dYd5TTrEDVYmMYty5mVviOhi0GHBYAG9Pch3feDegWC72GixMqBc68_B56zBvH0t-7IOaNUhn8&sig=Cg0ArKJSzBnYaN0Nzk51EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=380&vt=11&dtpt=208&dett=3&cstd=170&cisv=r20230731.02024&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 02 Aug 2023 11:49:50 GMT
logo.svg
s0.2mdn.net/sadbundle/16903489346352849191/ Frame A53C 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16903489346352849191/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310705
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1359
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:01:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jul 2024 21:31:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7622 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssjl2L0-i-nwuakRv3rCzGBDFnrUxW6yTC5LbP3L7FlTNI9aDrNtpkKrBa2buIFaOxMv0Mqn5I9pJ33R1DkEndC-gEvEfTnCKGV6h6HYp3hULpUWG_Kjcm7pxbBjG42eB5UGCUt1D3BLeSTMCHHyo_WwN4u0b-ZVLEqSc8ImgftXQfn5B5Ut-ww1d9xdVaEOczE-hH5iMpzuDsfE1MUIEhOPS6NqLMUZAg02caF7XeqYjh1TtqGDP3HweZg4Mf7YG9pg0b-W9SwDf-2c4DtIUGWUfyMDKCx13qE6LiW2oYJr48aGxuCXCKtOsM8Ow9KZTL3sT4tihnUexUVvEsUEO6sewbRDwDDmYspv7-YgOnTKuBZHzhNbur6MYb7p76YUKOhsRv_AwfN-DfhHlGUaJaHfl5hRIi_PDXGEt9Ri0sLrBNMhQAxy3UOr-T6uIK4dHo5I9p9Ug2bTEu-yCkiFnX3cduGvlAvTLXjq3q8nfeIv2s-sdWgkGAVQsYyVEwk8XgSuERkjDa3zbXUqnjpBPGBnIR2Eo3tIyqBXWeuTZx2m4_AbFsjO7-f3_l5b1MttD57MJQbWw_u8_VmmqD5OwLcdoYfmWhWu2q_8MuPxb5ZGy_56wy__tO_I-MndICcIc2mrVvHcsZ0gD1AvsSwqKYA8q9tFydaXmDE5ARgVZLSr15PQ94Rz29NQDQNWf8kv7rryXLChqzAMFtE0DgmsJap07NZzr4vYrQg8ArZMRLu8et6B3VNISDSbLwDQKAl1pl5AR17qKmzbmJD1AUCCzpoV_obZ--d5QHJzlMJylfonQIwgZOHk7lp0HcCFvUcPyUD7aL7EiN-zDabYz8NkYU7OXkwMyQbGCq77JZdMdBV3jGImhkt31-QVje-UhYbH8_ucaWFhXZsrrP7UYkdZ53HvXG1uVcCyeXQNM-QE8-6lzMJkolyNgz3GBFPLQhWhmYynUmnsIXiAaAR5Qzhrkabdcd7_W5YJur1uZrBjEpLGc668OBhuR8CHI7zvqRW4k3V9zLkWhb6_sD3vf9MsOdVA3EpLiff3HrfDBHfq7V2VD0ld6QBwu3NWyeDTDCpvrWJuMmEjZCK5oiL6ChunYmn71octGMP3qYCmRxnb9KT51SxpQSvW6LJU_VDi_RkevoIziCDwuhcmo9BpRkEkSkl1AnF0fVC7kL0ivrNj7xRbhVCG98ehvkQ4i_JQxPG1bL4_GIvuFVyLT-303TB8bKGFsakNWa5KsiOTHYvNu0513r2lNIkUsuv6XDMYgI5cpMWC5nRoMzCqz_oIuRa90nU5OtMzpFTM-_TD2fMi2PCeApr7wUtHWYjVKsigpHT6J18RXq9Xlt_BDx6haZqF_CVsLzVgdcy0tZIFEs&sai=AMfl-YSUqSXHdblcAllEyxakWbJwtnitVSOcp_FMgf4Yaq5O5jOpcwtaI5mDtB1_eiRal_eIkHc4a9NiqADbaLfuX_b7R-t3z1nUnW5jq2uC0APcXLgBQltxRd9TEEBAgZtzEgP2z7H7ZGX1LFEDvYvVKLoQ2gkU_Mit-SqvXwvU5jzbrU3j9bTv68qSUTIgscucU8W67PZgm6Z6tkQNF65eJYtKl_cvU6-JwK5IBn1yepLkDW8AC709OofxjMorHI7OZnRY_9c&sig=Cg0ArKJSzDp5tDXlUScmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=364&vt=11&dtpt=213&dett=3&cstd=144&cisv=r20230731.90351&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 02 Aug 2023 11:49:50 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5544 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCJhVrSNE-ca7Ujx3leBEh33Ky-dtPHe4lDrE2UHBTNSEzwn0zTM0M5d7XlfEo-6tyrmrj06cMxxp_fcLS6-d1QidgaFnJOmNUqewpgd1-mYgfQYX3QalTIwqjLO-mZZ5nkhExJq4sitVzWkiFwrOlUnifMVKnW0_3_wq6pfiWU6D_wHVn1ufUMDDkbwULHkaYQt4iI3QmHw1KGM-EimX5nXVxW1TyRIO_VEMbATpUqiRUTeWorIDJ3odFewKvkkAXL4WSgqm-XFUj4eZOtFzlCTD3FuDcdmyehGGRSz3YmMshrCaEe4iQ9Yif9YYXkRL7xriGU6e_4leIFJT31VNZX9Zpe-Gn7sJ8OvIjAAnKqu6-WDcW-BndHp1w4-kk3I7CLc4h5vyiB29yVs4axAnOu2P7TTL6uFP8eVDS25KcRyw4QyjyqVUHf43SvlwMwIHTqDKjCzduXfSoFeHF2gZCp61P30X6H22k_qqafz2MwU07jK5pmcvkDbqHiKG2n_WqTw-az-eS9VvkmfmjK4Jsrhla0LFmTHJ-xiPsbBD9aKNcfjEE7SEUf7W9xgvSyecTwjgAb4OeY5WdUmb_xlTSHSu8tk_sXdBy7Hl_GNA5kMDLI-IwA-M2uJTNUHtrja_CkPOEs9ufnut70nj5CxUtMjvf2AGyO_2ogpd9tkGx_0ftQkQ2qh1BmNa7B27hUbrK3n4Aj80KaRWWKagDCI29bmko5i-xQiICnwLAtSRyk2Q6suKDf-MAncAjv5u728qsS20q6d1p7_ynCqnaPuT_vGuGTrchTaopu4_u9m9V9YYLA-4ELoE5BV53sucQYWQXGMC5MF5QT-9eel-u3_ylttDT5qpLo3OXkbh8JgQ26u2aDm5bKYCK4TkRvkhFRq9-Y3tr7H-WSzSaYJnHLGUxX6EyXKaWp1rhldok1lEWXc-bWOkZqtvQByb7_OY5C97WpVOAref1bI2SWz8GGJzTvuPtr_RR-3VE5Utdox2uZamg6B27fX4KLpV17u_ghjmdcazlskOsvebnBVRdayByqILK2yHMuaoZoP5FERXz0r_fE61rh0b6RJIBZZ3sdM6MNtCZEll9ck8AOxqkfCqMlXWHdkHIjVKBG1fPBZ_awf0aFvbL9mFLCljhpZwMsa0Asuc3xBJseTd4kKszJqQEnpmUN65WChxYdfIQRhxCpDN42u3o29zyYgBjaIHl7FFY1Rt51-vLYi53IetT6AQuLwHKzvglvDsDQmlM6gLoQ-hvIezGSEW7o8RF69g6BP0YuE1DebUolkZ5ddxAmqKpd3_24lwzzCxRzfvQC_QwM3d1jndAgUvnbrImiaXT5ePCCqDFyiR7aS4dXZXol3ib42nkPtlgwspQ6UXSCM9f&sai=AMfl-YSPUcsdWwGViiXtZgH5H5iRouu28dw00SNjZi0r_txyuFkbmVkLFO3PLRHx9PVHHoPUaf4hQ9qUxwboHlMIqeheAY-oJ0DkUmE2sEwzBOW6UNToJkuBHwpTJBA79yUBU7WzNfYkSfsmh1gDzxugun3NVuIttncc5j4sfNCtausUaOpw4Wp6owtOXPyl5aUoB0LZclF4pZH8vxPv3XdvJEKtXfMFvWSO1llyZmBO72Nyd9QJ83jlna5VCsbRISIcALq7lrk&sig=Cg0ArKJSzFgqotjccwK6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=399&vt=11&dtpt=250&dett=3&cstd=142&cisv=r20230731.13655&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 02 Aug 2023 11:49:50 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame A53C 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 01:50:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Aug 2024 01:50:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A53C 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8db8c284e5e2466a013f497b5b1ecee8adc2977abd9e4087e8fb67743c8c86cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5847
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 58AA 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0050922084fccb60b02397abadcb0cf88929765f12c2d817c5f675b935bcd196
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5779
x-xss-protection
0
06232023-053002206-background_quadratisch.png
s0.2mdn.net/4528404/ Frame 58AA 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/06232023-053002206-background_quadratisch.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:24:56 GMT
x-content-type-options
nosniff
age
66294
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28774
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 17:24:56 GMT
annick_sitzend.png
s0.2mdn.net/4528404/ Frame 58AA 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/annick_sitzend.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:21:27 GMT
x-content-type-options
nosniff
age
77303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2539328
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 14:21:27 GMT
congstar-stoerer_gb-plus_full.svg
s0.2mdn.net/4528404/1687525202405/ Frame 58AA 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687525202405/congstar-stoerer_gb-plus_full.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 06:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20899
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1929
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 06:01:31 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 58AA 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 07:40:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 07:40:07 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 58AA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 20:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54937
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 20:34:13 GMT
congstar-stoerer_gb-plus_small.svg
s0.2mdn.net/4528404/1687525202075/ Frame 58AA 		2 KB
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687525202075/congstar-stoerer_gb-plus_small.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 21:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50294
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
974
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 21:51:36 GMT
logo-d0d80991.svg
s0.2mdn.net/sadbundle/6578138867263583433/ Frame 58AA 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6578138867263583433/logo-d0d80991.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 00:33:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
558991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:56:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Jul 2024 00:33:19 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 11:49:50 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A53C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Aug 2023 11:49:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 235F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_Xlo3kLKZIyKFuWD4gGJpplIAAAAADgB4AQC&bg=!KimlKX3NAAZGOVy5Zjk7ADkAdvg8Wml-oDLxIHR7Judc-CmB3EL3PbCEbM0wt2r0Yf6kRR69pc_zKJU1OAo94SdZSUzii0IYv60CAAAA4lIAAAAGaAEHmQL19UpTSURjkXVh02wq9WTvZvyCEoqRiXjm3NUNTh4U9cCwU-fCuI9I0oFZNexsiypcPHobk0sh9cp9LPonHyZ2AJGRa5RtwHWdTsDYac1Sn2mb0XswyM3KCQxOtGtV-iD0ALelbzlJJJTCqm0kgRfSYnzZvhMo1HV-0kEAshsMcOwteZ8UQShZYzCZCElvI1yivcM-QOvywZ7MwTIJ9z9WV_uPHAap-FScVZ4Zp3YOdVbbT2CKI6JOjoPd6-wIkmTkV2Pv3aXmuPsxqYT4JAdETWzJYwqH7F8RB0oKW249jWku_va1dEXBEX5DjEFSq680qDzgfXq8k49YQN7itpd2TlvZXiMDZwPVLFOuJHPSLlm4sanIHm07rG2CqjnzfXCHrh_ZjcQfwp6z0bk2Jgiq4_DEOTQM2jW1lHnw89mepw3zqpBX6_FxqHrrWUWuaJlnA4Xh-Hq4Z7OcS7YjK0EAk0J6kb7Dqqa2OA1WpzJZ1-qbG3Ke9BaOcuFMUehQfjP0swIp1kdGkx-T3Apt3HTVIMI-223_2Ce6lwwtVjzsc13AJxDc4Ye9ij6rjkVtpbkJif88NmgHKuyY0LTtYefITnom2AzIB7lAQQz0GKHhRo0gyu_jB4Nb-duus3bNpouQdHn8oJTux9bjf3VF3tcxSis2sWMaP5YmznuduvTyGKVglS3-m_265R58nSDv3gE1Kh7W5POLStOBmClFZelLz6deiRg9iurBYCY-K9Tkf9LwykVLxcPh0yLiw_x7gJtPEix3My2awLmEqa9wmHCV6EmHjyXflDi-C-Ms_XcENii8VKAgch66eZAX3IsWWENFwitlMYe795gEEKh9K0_QhlcQUcrI_zNwx2Y_4wO242cucvMVYHWZ8mkVyXTQ9faLt_xttDiVRIGcW18GNiiY3H4ufZHRdouYGjynWpnuyXSIXlWLLbjPH5Et237GO8r5nICLW0XI4hGE5uF2xYk70yWJF_kDH28I3gwSsediCAiZvrKXGg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0FC8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-EqL3kLKZMqAF-qwx_APyquE6AkAAAAAOAHgBAI&bg=!UlGlUQXNAAZGOVy5Zjk7ADkAdvg8WgdXhixwgfL_8pz6hXIr2O9S0pq-hBglF8i0tfVwUWF7TEiAElmjM1KzERMOcuZJO3K724sCAAAA01IAAAAEaAEHCgCFjZQc4PohAyJsOuASPn2F5EKYhmVxhKchzEhSg6AV3NhCBiXBOO-gALpvh8kv4Sc2grGMUl4WfGTctfHFv5t4pLWP-oOqH9y_hpF7QrQ5edX6GWujUIYcusQ6PVr7B2k137Zm8Nqhtn0MsVTQxNc90dDvFbMkyJexBHLGE1cjtCvP6c6gR5kDAwaWqFra9nO5D3h4x-eCpfr2ChX3ujK7ZD4rxdCgnXLN4uFCYw8f5pmXc4U0ZpScQjywkKPjFHfzc7E-g3BfBmqHHdY-fVn8eaEYp0CJWB14w13ykAf21wsl3FrSXJy4XTZ-H1Fd0AH45Rk04vgj4QeJS-fV4lIRhoJ3Urj5qz-OCQXLZ8LD_2Kf4SKG_CIu_fWCkvWeO6MqPqnygkTiokI5IHbJHI0AZIA7Ft0dQR4qYu46eC_-zNtPliLiP8wjOS5ODR5IwTQRKuCFl6ODnBF7VXYiI5NOnN9yBZRRz8JtVOeTXfRbZkmV_3LVZgyrESEOLqX8wtgzzR1HDfadJl5fS83r3voPo1CTemWSM9hoeapgD41-W030lXs90W5ZsmWeLX7_kn7x8eXg5xu74Vr8Tsg97V-PZvc1EZuAD1QZqU5ORM1CQC--uj2x6519e3nDSEZfIuHXjJVmIsdEly6zTI1SLz30wBAkCUL5PRnKE6To0c9XZjyg4e60mlyVBdx7tbtu8YP1QNEXfURiiDx6Kem3_667_dR2kolS9yco-a30quvTTATVX0FAEQv2zKDjygfeoLChtLi6ftAtalDSv5DgsCGNyipIZFXrb5oeWDZjGR1SPKxPuoN_W6gJqOdswFk4lF_184HzveoEl89fg5v54i2Msi09kgYDozexI4TbI4UBUqxbp7WkHGaHlkxwZYX9zBrFTvUWsvBclH1sQAHPHLHPZb273WGWdNoYIuX9-3dlEbrsYLHhcUi0hNTs32Jmp_KoNpoYVuURcyiQrgG3VKY-m3NXjldfUyT-QGrF_T-cNjGuz-S7waBmAi7kYnO0_W5LAo2aqgoIrkyGgXUWHSmW_tLw_rsVk1XVbG1S3SH7Xl1E6Dv7MXlLZaz4HkffGCnIoz4LPM0tt_olQgoN6tc1CNKkhR-s-Fgrcn41nyjycorndn4Wz31PsGDihUc5rxTH7hCWOjPJmNzL9_8jE5hdgg9CRrxMBYalrTLsdkQ_en3nnkAUOjIEBBgl2Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B77 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-I133kLKZN36FsST4gGWm43ACAAAAAA4AeAEAg&bg=!JCelJ3PNAAZGOVy5Zjk7ADkAdvg8WkU7qd2fs2Hm__HAZ0l1NZ8Y0wh1DDhrm7U-Bqb-bZERTnXmDOwlAa9osWjqbO9ihLjCWLsCAAAAyVIAAAAFaAEHmQL0Rreq728GEbzf9--c6fBYBZo8aHlT7peaLHa2hK37YliyCFsd3Vn1903NyJIRyltzyUxSLEgQiEQmOBRvmYvcLWzFxPgicwH0CweqUPVfLRPdz471QfjDun4chWHAswmNTN2FkdGbOTwKuk-8IX2qK23u3WvDNKR01gQweMY7gqSUqKTQpau_NpnIyaHJtvIdTqIMVe0fxDzImVKnZcM5GoftqjpgU3yxxu-uOGFOYgeDou6d_wZAVsn85mTlyzzMe50JO7PtZ7p3gvJ61hrHJcxDvTDyDVa89wIobKNl0JCvWvIBUX5qc9R3223nJP5M-8v6tKQlEgiaEuOrPFsqkZCAwR7He8cp5-S6E40-8xY27hub2rV2TZllS9UVoT_WaAIRBzgS0CfCZIyZw4rM8WWCOL48rTNzU49NDTOOMV4MwgJx91yrvM16UV510yGHQeYk8k7-W6tFAIsy6aSaWwrOYQ8SLS86VrcLwq4WsHklxs_ZT7UZcYCZL5SUsFs0XqNfocK0SJJtKWOMtBvEU8YE2icmFclvjE1E-lQ5t740emKFphAo304gYegyrWOkcgM-sZQOp3NJLl0doGOHTXN1SE6qBcTBOUobsMtf8SyeZC2YrNDlZuH6QCU-QiAOtrSmglmV058HqGhaFvQpn_u2EcOoyxlAjvMjVhVHeHlBxuPgZW6lrt1Zku2fSh__1BOdyRB-0cQr4BdK2EfcJm_r0Zs9MKdwOoxx88dRi4gbenWT6ox3IbDxhmUCAWPoWvq0hxJd9y01ioiLYj1xBvTEcBsgdkdr7p0D3_JRKbx6k2ST3NxrvPjNEUjq9tPfbIlHjI5W-CtIo0tv61qMnwbhgTaVS3WZ0Rk6b0z8QieX52cx1-UQCWwH_BSZNlypXAdBsnMLIBchYWvRD420GpFiV0dx1KzsOp4p1_LFjW4bdsNSWYzA-yC91_baCRoZnhjD3yBj33WVP8DC7h1qMevFyRg3j_9aMiSnfa0QO1N5pZyK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D827 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssx834CUtTSP7gsCmeRvUF0eh-3Jl-uIE0x8T0H3a8_seSJ0mEzL4cpU1rcYklkvJ0ygPAf0WlZ_upHBiBOhyUHCXQtrltJtLehwP_b93qvBsrNC8Zy&sig=Cg0ArKJSzECwQpolc0zeEAE&id=lidar2&mcvt=1000&p=1000,515,1250,815&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230726&bin=7&avms=nio&bs=1600,1200&mc=0.79&vu=1&app=0&itpl=3&adk=1717219177&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690976990040&rpt=98&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 58AA 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 02 Aug 2023 11:49:51 GMT
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame A53C 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:51 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 12:04:51 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame A53C 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16903489346352849191/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:39:19 GMT
x-content-type-options
nosniff
age
632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 11:54:19 GMT
syncframe
gum.criteo.com/ Frame C5E7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 11:49:51 GMT
server
Kestrel
server-processing-duration-in-ticks
749796
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 03 Aug 2023 11:49:51 GMT
fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
pagead2.googlesyndication.com/bg/ Frame 250D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 09:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14619
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Aug 2024 09:08:09 GMT
03032023-031219542-600_500_q_540x720_2208-homespot-3067c234b1-4281-42de-bb34-74dd037ff707.png
s0.2mdn.net/4528404/ Frame A53C 		201 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031219542-600_500_q_540x720_2208-homespot-3067c234b1-4281-42de-bb34-74dd037ff707.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d069c59a0c6560c826434ce5ae6084e3fbe9b00e4cfa15b8cd0b52fb5729e3a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=ceYuvTh8B1&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 02:43:50 GMT
x-content-type-options
nosniff
age
32761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206111
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:12:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 02:43:50 GMT
03032023-031219571-600_500_homespot-router-weiss-wlane42aa675-71b9-4dcb-82a4-02763006e23c.png
s0.2mdn.net/4528404/ Frame A53C 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031219571-600_500_homespot-router-weiss-wlane42aa675-71b9-4dcb-82a4-02763006e23c.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37c2275346a926539fe51e964a5825e79bdcff0b0f53f55c9681dab96e69be49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=ceYuvTh8B1&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 04:57:20 GMT
x-content-type-options
nosniff
age
24751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105668
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:12:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 04:57:20 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230731-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Wed, 02 Aug 2023 11:49:51 GMT
x-amz-request-id
0JBK6D7APT5ADMZ4
age
1892
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
IUZ+b+cP4hBNiLuWQPyAQ4ZgatIQn21iinOb+mNtRel9PUwloDWGQnt123Xbd4hjb81E3CbOovU=
x-served-by
cache-cph2320025-CPH
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690976991.381136,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
20
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
1289
fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
pagead2.googlesyndication.com/bg/ Frame 79CB 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 09:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
9702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14619
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 01 Aug 2024 09:08:09 GMT
03032023-031219542-600_500_q_540x720_2208-homespot-3067c234b1-4281-42de-bb34-74dd037ff707.png
s0.2mdn.net/4528404/ Frame A53C 		201 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031219542-600_500_q_540x720_2208-homespot-3067c234b1-4281-42de-bb34-74dd037ff707.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d069c59a0c6560c826434ce5ae6084e3fbe9b00e4cfa15b8cd0b52fb5729e3a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=ceYuvTh8B1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 02:43:50 GMT
x-content-type-options
nosniff
age
32761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206111
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:12:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 02:43:50 GMT
InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 58AA 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6578138867263583433/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:42:20 GMT
x-content-type-options
nosniff
age
451
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14644
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 11:57:20 GMT
06232023-053002206-background_quadratisch.png
s0.2mdn.net/4528404/ Frame 58AA 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/06232023-053002206-background_quadratisch.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 17:24:56 GMT
x-content-type-options
nosniff
age
66295
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28774
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 17:24:56 GMT
annick_sitzend.png
s0.2mdn.net/4528404/ Frame 58AA 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/annick_sitzend.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 14:21:27 GMT
x-content-type-options
nosniff
age
77304
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2539328
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 14:21:27 GMT
congstar-stoerer_gb-plus_full.svg
s0.2mdn.net/4528404/1687525202405/ Frame 58AA 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687525202405/congstar-stoerer_gb-plus_full.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 06:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1929
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 06:01:31 GMT
dc_oe=ChMI3eHWlvS9gAMVxIk4Ch2WTQOIEAAYACCPzO5cQhMI-Jb_lfS9gAMVdEGkBB0iPwD-;stragg=1;&timestamp=1690976991446;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 7622 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3eHWlvS9gAMVxIk4Ch2WTQOIEAAYACCPzO5cQhMI-Jb_lfS9gAMVdEGkBB0iPwD-;stragg=1;&timestamp=1690976991446;str=nextSlide;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame C5E7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=3&topUrl=www.walla.co.il&bundle=0an6819sd0E3MFptMUZ3aGR2NEFxYTFNeVd2UGRNVmxKNXNWMWpHTWpNdW5Nc0V3VnVnMjRr...
  • https://mug.criteo.com/sid?cpp=Nlt_GHw5bXZURVVFeGc4WmRYUkREV1V5SFUvZzZqZmU2bzg0RDNhY1ZPNks2ZVpqSjhHMUVIT2c3T1BFWGlIbVZYOUljdEQ4QkE3Nml0QXFXQ0xKbEVlT2w2aXBkRjhPV3p0b1JGaWlqdzh3eUdtVnVwT2k3dUNLSUhYeW...
428 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Nlt_GHw5bXZURVVFeGc4WmRYUkREV1V5SFUvZzZqZmU2bzg0RDNhY1ZPNks2ZVpqSjhHMUVIT2c3T1BFWGlIbVZYOUljdEQ4QkE3Nml0QXFXQ0xKbEVlT2w2aXBkRjhPV3p0b1JGaWlqdzh3eUdtVnVwT2k3dUNLSUhYeW9IUlM0bDNwMWFoNW1mMWFjN1BRTjM3T0tvNnl2NjhUdGxTT1NsQTZVMFRIT0ZySFFCdndTalpEQnBubXZrNFl0N2FWRlVLNlR1M3l3OWNXR08yMG9Lb08rN0kzRk55b0o5MFBFRmliYm1BcG9XemhhcmJpeFR6eU5lY1pJWXROY3J0UGpTTXh0bUxuMUo3VVZxR3Jtc2xadzREK0xUQW53U3ZTdloxemc4UlZ1LzhHeGxyUT18&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
836ce6018f856937e51e563812cfe6157d51c351756209a70e918925c0ec7bb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
973210
expires
0

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Nlt_GHw5bXZURVVFeGc4WmRYUkREV1V5SFUvZzZqZmU2bzg0RDNhY1ZPNks2ZVpqSjhHMUVIT2c3T1BFWGlIbVZYOUljdEQ4QkE3Nml0QXFXQ0xKbEVlT2w2aXBkRjhPV3p0b1JGaWlqdzh3eUdtVnVwT2k3dUNLSUhYeW9IUlM0bDNwMWFoNW1mMWFjN1BRTjM3T0tvNnl2NjhUdGxTT1NsQTZVMFRIT0ZySFFCdndTalpEQnBubXZrNFl0N2FWRlVLNlR1M3l3OWNXR08yMG9Lb08rN0kzRk55b0o5MFBFRmliYm1BcG9XemhhcmJpeFR6eU5lY1pJWXROY3J0UGpTTXh0bUxuMUo3VVZxR3Jtc2xadzREK0xUQW53U3ZTdloxemc4UlZ1LzhHeGxyUT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
273772
content-length
0
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 5544 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwyHvmRqny7MgARpT2sev9-WKLaFOY9LfUMTagUwSv-s_JN193-fx7r5MNvc9_CTsQa0fvh8HAMVeotJDPhCHx25Am10E0SVY5W7JJEvwTnn0SGjil295VgHU4BuO6CWe7ScMac0H3Vx6o&sai=AMfl-YQt9pd0oJSf_zBC3Tyk09-uveAlmJ3CTti2iyjppe96WPRQPiua-Kyt7xDgGiVONs3sXF5FvBEBYvjs3i8PFg2dsJMQYaC6uZG4pfrRuyIpfaGI0uSZxlIakvJK&sig=Cg0ArKJSzAGhfyB-vB12EAE&cid=CAQSPABpAlJWKTAjV-VNk8W0i_xZg4r3sdASqjCwd4qKtphtuRQXPNh2QKxOBGgtrae17XzV95t8YH11j7uwIhgB&id=lidar2&mcvt=1020&p=1000,199,1250,499&mtos=0,1020,1020,1020,1020&tos=0,1020,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=20&adk=1472875564&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690976990051&rpt=447&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pips.taboola.com/ 		64 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
aa22a483fca0acfc570c09a9f9a61f1610a8f0afa9843924e05f1871e499f781

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220057-FRA
date
Wed, 02 Aug 2023 11:49:51 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.walla.co.il
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7622 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJlfQMyLihTtvDMswAvgEqb2XXeEtG4_ECWKVP4KAfyl2uOw1iGAt3voZAZIrUGH_gTxSkksiraVGJURHqg9-_9QcxO8jNIkV1aMtaa18-isOOSiFzk1qPZM_xgkCxhgVoUNt4-4r7JKOG&sai=AMfl-YQajxQJvOJdqPg3W_FkRhOtEzn35KUwcTqOAhqkVkf03S_D0cQSpV7a4NDfvqNp_S8nipw3X6cdXONZ7nPhUb-wlJsf2pdvU48xsabDsRATi4OoPAU4D4xB9IDI&sig=Cg0ArKJSzJw5F7i7JANMEAE&cid=CAQSPABpAlJWKTAjV-VNk8W0i_xZg4r3sdASqjCwd4qKtphtuRQXPNh2QKxOBGgtrae17XzV95t8YH11j7uwIhgB&id=lidar2&mcvt=1046&p=173,315,423,1285&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=885339186&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690976990027&rpt=523&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=40abb326-6c0d-40b6-a0ad-5d4b31d68375-tuctbc3c85c&uad=2722cb522f4fe3f0f788fb0b73cb835e95cfc60e6808e5e401f1add3d186da92&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 02 Aug 2023 11:49:51 GMT
cache-control
no-store
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame B0ED 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuF4DNSOsZxzNBKp6L6muryn7KkH4Qj8C1__xlkEVVywvExpwrgnPL2Uy4GBNb-F2n7aREYY8WEJx37I5JJo7SEtat2yuHtnlwka0v3LI4P19KOMurQ8MAaP2xIT-psciyAqMPEoEwiwVUC&sai=AMfl-YRm5MbtxZjP5l1PjmaOEVdvwuMziYt_x0IjTOViAOoWe-_sVJGBECNMSjb0dcmo3jg6PtyyxUP6MAIL3yeE9a2m71Lc8Ly9kMy2uMNqkzrVR3s3Opxl918FeR_r&sig=Cg0ArKJSzE6rsiEFXznzEAE&cid=CAQSPABpAlJWKTAjV-VNk8W0i_xZg4r3sdASqjCwd4qKtphtuRQXPNh2QKxOBGgtrae17XzV95t8YH11j7uwIhgB&id=lidar2&mcvt=1008&p=161,1558,201,1599&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2273020715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690976990020&rpt=429&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B0ED 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8086517330724&version=m202307240101&ct=76&x=1&cor=7694688194193672000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7622 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7284906445394&version=m202307240101&ct=76&x=1&cor=18274985154457166000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ 		2 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
186190
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 02 Aug 2023 11:49:51 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
190675
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pd
pixelgroup-d.openx.net/w/1.0/ Frame 367A 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixelgroup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 02 Aug 2023 11:49:51 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 38A1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=130884
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 02 Aug 2023 11:49:51 GMT
expires
Fri, 04 Aug 2023 00:11:15 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame F3D7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13421168
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Wed, 02 Aug 2023 11:49:51 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
sync
eb2.3lift.com/ Frame DDC2 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 02 Aug 2023 11:49:51 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5036 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
18937
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 02 Aug 2023 11:49:51 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 27 Jul 2023 06:34:02 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
486, 64269
X-Served-By
cache-lga13626-LGA, cache-cph2320041-CPH
X-Timer
S1690976992.975093,VS0,VE0
/
csync.smilewanted.com/ Frame 3592 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bff8594649b1033f7a86bd894b3f760d65a0e4759164d8d92d0ef8387c91b1f

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f0619974a3018ef-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 02 Aug 2023 11:49:51 GMT
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame B069 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
808
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7f061997ae4b39eb-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 02 Aug 2023 11:49:51 GMT
expires
Wed, 02 Aug 2023 15:49:51 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 21A4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 02 Aug 2023 11:49:51 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 9F4C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1690976988159
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame 3106 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1690934400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP017 /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 02 Aug 2023 11:49:52 GMT
server
33XP017
x-33x-status
2000208
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5544 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8879576855245&version=m202307240101&ct=76&x=1&cor=7756739584864327000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 38A1 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45852664&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4a7566220ac6c6f3e1d4f43b8ac29b69af130a100457fba72b0d540c867fc6dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 02 Aug 2023 11:49:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 3592 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
569715
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7f0619979aa818ef-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
usync.js
eus.rubiconproject.com/ Frame 21A4 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b8394c49ee89ce9f45ce2ea337f1a86ff36a488bc7c97e0bafc9913a5dd10e37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Wed, 02 Aug 2023 11:49:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Aug 2023 10:04:37 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80128
Connection
keep-alive
Content-Length
10114
Expires
Thu, 03 Aug 2023 10:05:19 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EA5E
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6787409872298853058
568 B
642 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6787409872298853058
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Wed, 02 Aug 2023 11:49:52 GMT
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6787409872298853058
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 9D10
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336724495103824
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336724495103824
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 02 Aug 2023 11:49:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 02 Aug 2023 11:49:52 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336724495103824
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame F409
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 02 Aug 2023 11:49:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 02 Aug 2023 11:49:51 GMT
expires
Wed, 02 Aug 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1064199
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame B41B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 02 Aug 2023 11:49:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
WJ7SN9QV2WDNXYBEFDCV

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 02 Aug 2023 11:49:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
J3NCZYX7DRTRBVT0TRQG
Pug
image2.pubmatic.com/AdServer/ Frame B8BE
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kevu25Pt6IqK77WMn-ug2JLnuo2Kub-MxuadYzew
42 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kevu25Pt6IqK77WMn-ug2JLnuo2Kub-MxuadYzew
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 02 Aug 2023 11:49:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 02 Aug 2023 11:49:52 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kevu25Pt6IqK77WMn-ug2JLnuo2Kub-MxuadYzew
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 38A1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Qa8vYd8eR623Xvy--Fhl3A%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:52 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=130883
accept-ranges
bytes
content-length
5606
expires
Fri, 04 Aug 2023 00:11:15 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 38A1 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.78.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-78-10.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.2.34
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 38A1
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=810402193
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
via
1.1 google
last-modified
Wed, 02 Aug 2023 11:49:52 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC
date
Wed, 02 Aug 2023 11:49:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 38A1
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=OWRoMjdXSG5jU3dTRk9odXc3MFRhMlR3UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5010584359958224364&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
54.172.28.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-28-235.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Wed, 02 Aug 2023 11:49:52 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 02 Aug 2023 11:49:52 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 38A1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDFBRjJGNjEtREYxRS00N0FELUI3NUUtRkNCRUY4NTg2NURD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 02 Aug 2023 11:49:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 38A1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOoxkNRQfetjY9h4Sm67Ca8&google_cver=1
42 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOoxkNRQfetjY9h4Sm67Ca8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 02 Aug 2023 11:49:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOoxkNRQfetjY9h4Sm67Ca8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 38A1 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:51 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 01 Aug 2023 11:49:51 GMT
generic
match.adsrvr.org/track/cmf/ Frame 38A1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 38A1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5010584359958224364
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5010584359958224364
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 02 Aug 2023 11:49:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5010584359958224364
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usermatch
ssum-sec.casalemedia.com/ Frame B4B5 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
746bb444475aa2dba95fb69b420eb29963236e3bb8d4a1f2618250f0ef8d398b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1728
Content-Type
text/html
Date
Wed, 02 Aug 2023 11:49:52 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
drop_cookie_sw.php
csync.smilewanted.com/ Frame 1143 		0
653 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f061997fb1918ef-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 02 Aug 2023 11:49:52 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 162C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync
ib.adnxs.com/ Frame 5036 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:52 GMT
an-x-request-uuid
28c72d99-9984-4c52-b6d0-2692b0c0e371
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.24; 217.114.218.24; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
ap.lijit.com/ Frame F17D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 02 Aug 2023 11:49:52 GMT
X-Sovrn-Pod
ad_ap4ams1
casale
match.adsrvr.org/track/cmf/ Frame B4B5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame B4B5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZMpC3hY46L-Ts4Y28pudWQAADHgAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZMpC3hY46L-Ts4Y28pudWQAADHgAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZMpC3hY46L-Ts4Y28pudWQAADHgAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Aug 2023 11:49:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VQ8CZQQJRF4KF1DRDNY3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 02 Aug 2023 11:49:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CDF4XC6B10SVERHEWZ2D
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZMpC3hY46L-Ts4Y28pudWQAADHgAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame B4B5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZMpC3hY46L-Ts4Y28pudWQAADHgAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDYcvhJpJAHMDht6d2JtE8c&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDYcvhJpJAHMDht6d2JtE8c&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Aug 2023 11:49:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDYcvhJpJAHMDht6d2JtE8c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZMpC3hY46L-Ts4Y28pudWQAADHgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B4B5 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZMpC3hY46L-Ts4Y28pudWQAADHgAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:cb40:4a86:732c:5dc5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame B4B5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=U91oU8B11Qrams5
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=U91oU8B11Qrams5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Aug 2023 11:49:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 02 Aug 2023 11:49:51 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-785-gcf3d607#rel-ec2-master i-0b0237ae7bbf6c9f9@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=U91oU8B11Qrams5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B4B5
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=yO_OWMrpyAnT65UPxu-AW8vjmg7TvZ8Pn-L3G2k7
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=yO_OWMrpyAnT65UPxu-AW8vjmg7TvZ8Pn-L3G2k7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Aug 2023 11:49:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=yO_OWMrpyAnT65UPxu-AW8vjmg7TvZ8Pn-L3G2k7
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame B4B5 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:51 GMT
content-length
0
crum
dsum.casalemedia.com/ Frame B4B5
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=c33cc91b-fd30-36d8-9001da4b
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=c33cc91b-fd30-36d8-9001da4b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Aug 2023 11:49:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Wed, 02 Aug 2023 11:49:52 GMT
via
1.1 google
server
nginx/1.25.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=c33cc91b-fd30-36d8-9001da4b
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
htw-pixel.gif
cdn.indexww.com/ht/ Frame B4B5 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZMpC3hY46L.Ts4Y28pudWQAA%263192
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:52 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
24781
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f061998ea234dac-FRA
content-length
43
expires
Thu, 03 Aug 2023 11:49:52 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame B0C5
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Wed, 02 Aug 2023 11:49:47 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 02 Aug 2023 11:49:47 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
pixel
cm.g.doubleclick.net/ Frame 21A4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDczYjk3OWQ3M2VkMjQ0MmUzNWQ2ZjU4ZDkwYzUzYjE4NWE1MGI2Yg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDczYjk3OWQ3M2VkMjQ0MmUzNWQ2ZjU4ZDkwYzUzYjE4NWE1MGI2Yg
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDczYjk3OWQ3M2VkMjQ0MmUzNWQ2ZjU4ZDkwYzUzYjE4NWE1MGI2Yg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 21A4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEP4FncFnhiCe4VorvQ69fO0&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEP4FncFnhiCe4VorvQ69fO0&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEP4FncFnhiCe4VorvQ69fO0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 21A4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oGsezUhdTgOvU01ef8z8rw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oGsezUhdTgOvU01ef8z8rw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oGsezUhdTgOvU01ef8z8rw
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Aug 2023 11:49:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SXVCXQX70HSJKBHZ89JP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oGsezUhdTgOvU01ef8z8rw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame 21A4 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 21A4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/vmlYx7WehPp2SrxvJY36bMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Q.Bxr85E2oLHUyeHNxZ8U5bkET.B6sK2oeFaiA--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Q.Bxr85E2oLHUyeHNxZ8U5bkET.B6sK2oeFaiA--~A
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 02 Aug 2023 11:49:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Q.Bxr85E2oLHUyeHNxZ8U5bkET.B6sK2oeFaiA--~A
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 21A4
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=waposvIcSjCv0dQaZZaSTg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=waposvIcSjCv0dQaZZaSTg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=waposvIcSjCv0dQaZZaSTg
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 02 Aug 2023 11:49:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q9WQBATVEJ22QF2GYZVP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=waposvIcSjCv0dQaZZaSTg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 21A4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtUTzFFSUEtMUQtTUVLUw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGt0ed7yHO_2JKVVtdK4wR0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtUTzFFSUEtMUQtTUVLUw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtUTzFFSUEtMUQtTUVLUw==&google_push=
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtUTzFFSUEtMUQtTUVLUw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
rubicon
match.adsrvr.org/track/cmf/ Frame 21A4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame 9348
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5594854542
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5594854542
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 02 Aug 2023 11:49:52 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 02 Aug 2023 11:49:52 GMT
etag
RX7a457ebda96349c3b5a4cd7d6143fdff003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5594854542
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
smwt256.gif
us.ck-ie.com/ Frame 331E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 02 Aug 2023 11:49:52 GMT
Server
nginx
5010584359958224364
csync.smilewanted.com/set_partner_userid_get/adform/ Frame D228
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/5010584359958224364
0
454 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/5010584359958224364
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f061999bdd718ef-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 02 Aug 2023 11:49:52 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Wed, 02 Aug 2023 11:49:52 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/5010584359958224364
server
nginx
v1
match.sharethrough.com/universal/ Frame EEF0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.130.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-130-198.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 02 Aug 2023 11:49:52 GMT
smw888.gif
us.ck-ie.com/ Frame 8448 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 02 Aug 2023 11:49:52 GMT
Server
nginx
ev6oEwxfWd7YTbNoLO5b
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 0F1F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ev6oEwxfWd7YTbNoLO5b?pi=smilewanted&tc=1
0
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ev6oEwxfWd7YTbNoLO5b?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f06199aefa818ef-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 02 Aug 2023 11:49:52 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 02 Aug 2023 11:49:52 GMT Wed, 02 Aug 2023 11:49:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ev6oEwxfWd7YTbNoLO5b?pi=smilewanted&tc=1
pragma
no-cache
dc_oe=ChMIyL2SlvS9gAMV0UcdCR3EEg8OEAAYACDa14tXQhMI0tH1lfS9gAMVv-27CB20cgE3;met=1;ecn1=1;etm1=0;eid1=960584;
ade.googlesyndication.com/ddm/activity/ Frame 174B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyL2SlvS9gAMV0UcdCR3EEg8OEAAYACDa14tXQhMI0tH1lfS9gAMVv-27CB20cgE3;met=1;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 174B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CtB_f3ELKZNLzL7_b7_UPtOWFuAPr0sWTb9jTw8-JEb__uePXAhABIJmjzypglYKAgKwHoAHIx7XyAsgBBagDAcgDE5gEAKoEngJP0K0CzJS52GsX-cJ299NrAi8GiCEHG-zQwXW74mYQ7FaV-VevNb8df_A64rBAP5w_xoyMoxbrGR6bRCOOOJHbF6E-i7uG0g3YG0_N1cf5PhvkTdGL4_dqCxuuk7oJSAZ7LdsltfXLv5HG1SPdixYPpoAINwtfWmacClTp0rR85sLafwgwprqYxFNeCL60aaZvUAGppCqC_JlPobFwWhRO6UPsWSIy1rxhyErAyYVuxlrp9eBByZd9zMb-UL8Mwv72P5CHBlH4wwJbOuoD2MTRsiirPNXUG3Ryk3-UR_gBVUZBszKL42Grtoj23kyNWGXNuoaPGCXl-9_5bGOS5rUOfQUmLM5bErJCGMYYg9N6FQb3q6N85PneWC11Sj82wAS7tLi-3APgBAOQBgGgBk6AB6C4yo0BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAToqzZEdATANgTDIgUAtgUAdAVAfgWAYAXAQ&sigh=1bSq9ZI9TLk&label=videoplaytime25&ad_mt=2665&sdkv=h.3.583.1&vci=CkUIAhoLQWRTZW5zZS9BZFggAyoMNjM3NzE2NzM4ODkyQABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gAyoJNTQ0MzY3MTIxMgkxODI2NDM2NzRAsQFSNQjnBxAPJQAAIEEoAToHdW5rbm93bkIHdW5rbm93bkjqAlAAWhBLdThSazVlM2Y3RDNDRkhQWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 71D4
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=c6780213fba4eaf93d58c3a20f3bf581
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=c6780213fba4eaf93d58c3a20f3bf581
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid
21104677-a9c2-41ab-a84f-89a87575a780
cache-control
no-store, no-cache, private
content-length
43
content-type
image/gif
date
Wed, 02 Aug 2023 11:49:52 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
217.114.218.24; 217.114.218.24; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f06199acf8218ef-FRA
content-type
text/html; charset=UTF-8
date
Wed, 02 Aug 2023 11:49:52 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=c6780213fba4eaf93d58c3a20f3bf581
server
cloudflare
async_usersync
ib.adnxs.com/ Frame 5036 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:53 GMT
an-x-request-uuid
88108f86-6592-4bca-8b0e-d1cd08bd3331
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.24; 217.114.218.24; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 38A1 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
03032023-031219571-600_500_homespot-router-weiss-wlane42aa675-71b9-4dcb-82a4-02763006e23c.png
s0.2mdn.net/4528404/ Frame A53C 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031219571-600_500_homespot-router-weiss-wlane42aa675-71b9-4dcb-82a4-02763006e23c.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37c2275346a926539fe51e964a5825e79bdcff0b0f53f55c9681dab96e69be49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=ceYuvTh8B1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 04:57:20 GMT
x-content-type-options
nosniff
age
24754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105668
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:12:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 04:57:20 GMT
03082023-005400008-600_500_stern_jetzt-20-GB-extra99df2c33-380e-453a-a6e4-28b19ae3adc3.png
s0.2mdn.net/4528404/ Frame A53C 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03082023-005400008-600_500_stern_jetzt-20-GB-extra99df2c33-380e-453a-a6e4-28b19ae3adc3.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c01134c8fb953c6e6f93a4692d6384c5f372c3eac2d9fd95a991bd37f1d8a46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16903489346352849191/index.html?e=69&leftOffset=0&topOffset=0&c=ceYuvTh8B1&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 22:14:42 GMT
x-content-type-options
nosniff
age
48912
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25833
x-xss-protection
0
last-modified
Wed, 08 Mar 2023 08:54:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 22:14:42 GMT
dc_oe=ChMIyufWlvS9gAMVatgRCB3KFQGdEAAYACC6vfdKQhMI-Zb_lfS9gAMVdEGkBB0iPwD-;stragg=1;&timestamp=1690976994417;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 5544 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyufWlvS9gAMVatgRCB3KFQGdEAAYACC6vfdKQhMI-Zb_lfS9gAMVdEGkBB0iPwD-;stragg=1;&timestamp=1690976994417;str=Show%20Slide%200;strtype=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIyL2SlvS9gAMV0UcdCR3EEg8OEAAYACDa14tXQhMI0tH1lfS9gAMVv-27CB20cgE3;met=1;ecn1=1;etm1=0;eid1=18;
ade.googlesyndication.com/ddm/activity/ Frame 174B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyL2SlvS9gAMV0UcdCR3EEg8OEAAYACDa14tXQhMI0tH1lfS9gAMVv-27CB20cgE3;met=1;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 174B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CtB_f3ELKZNLzL7_b7_UPtOWFuAPr0sWTb9jTw8-JEb__uePXAhABIJmjzypglYKAgKwHoAHIx7XyAsgBBagDAcgDE5gEAKoEngJP0K0CzJS52GsX-cJ299NrAi8GiCEHG-zQwXW74mYQ7FaV-VevNb8df_A64rBAP5w_xoyMoxbrGR6bRCOOOJHbF6E-i7uG0g3YG0_N1cf5PhvkTdGL4_dqCxuuk7oJSAZ7LdsltfXLv5HG1SPdixYPpoAINwtfWmacClTp0rR85sLafwgwprqYxFNeCL60aaZvUAGppCqC_JlPobFwWhRO6UPsWSIy1rxhyErAyYVuxlrp9eBByZd9zMb-UL8Mwv72P5CHBlH4wwJbOuoD2MTRsiirPNXUG3Ryk3-UR_gBVUZBszKL42Grtoj23kyNWGXNuoaPGCXl-9_5bGOS5rUOfQUmLM5bErJCGMYYg9N6FQb3q6N85PneWC11Sj82wAS7tLi-3APgBAOQBgGgBk6AB6C4yo0BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGiDAgqBgoEw7CxArAToqzZEdATANgTDIgUAtgUAdAVAfgWAYAXAQ&sigh=1bSq9ZI9TLk&label=videoplaytime50&ad_mt=5062&sdkv=h.3.583.1&vci=CkUIAhoLQWRTZW5zZS9BZFggAyoMNjM3NzE2NzM4ODkyQABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gAyoJNTQ0MzY3MTIxMgkxODI2NDM2NzRAsQFSNQjnBxAPJQAAIEEoAToHdW5rbm93bkIHdW5rbm93bkjqAlAAWhBLdThSazVlM2Y3RDNDRkhQWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb543e1f7c6c648f9ed43d67d8ef42a4f9421fde1d6988693eb5518975d1073edce2a59caa08ff16388f1ede7f0a66413a3e951fda77118fd87... Frame 0EA1 		13 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb543e1f7c6c648f9ed43d67d8ef42a4f9421fde1d6988693eb5518975d1073edce2a59caa08ff16388f1ede7f0a66413a3e951fda77118fd87eb141453c5728cfffe729a2c05616b7db083429b56a062a866a68ac39437ed0e21f48a238b6720a5aa82a66443d80b846ac7757db80148e78208bb3dc60396d390ec90c1fbcbf5ba0f8ff5e43ca78f0e4491dc42916b39f41c8d64da681d50ecb5e8e73a31180c1f2d8804181d79635a05fe706123256152d44abf2b93cccb8be4c7bfb562d541354e8bae18f245ea37233907c62a9c503da06dc8635841a5ad3e27c80e542ec46bf07aee246e2dfd320b79558d6a679585dc7c7a19cfa273abc2c9cc88c85232bc0a0463c2f5d0ea9d1e2daa1d4be3ca4ba415462741df62e3d72adb4508992a286a0928858902cc4fd26f95756636c1e0b8a51a3d53895799d309fc71d25535a57edb46184d7891060390fb18950824740f9c3ddd7964e1ada70175fdf65db700c7883613f2bab7eafda7447a11227a9797df7513e8502dbbd2ffea892a52533a7d1ca47b03ebee04482b857fe346c1753e2a26c6c444a7cc2e72958632e8d16b2a1bf8b1d3e09e2f3c2e9d31369574b707c38cbb3b73ecbf483437b31ce5c216c716a67b50cc466d205094d6efe17dda8066396444609e3b43449557c9cabe0d7d38b96981371e500c616e20ed55751d3fd/164/640x360_642400/index.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/9330_f4446c29729bfb4db823_f4446c29729bfb4db823_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-49.fra6.r.cloudfront.net
Software
/
Resource Hash
592ff5bb81903b6900629d20850bb581c798f526b07011734a546ef7ba4631f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:54 GMT
via
1.1 google, 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
content-encoding
br
last-modified
Wed, 02 Aug 2023 11:49:54 GMT
x-amz-cf-pop
FRA6-C1
x-cache-status
FRA-fa985ced, miss
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
https://www.walla.co.il
x-cache
Miss from cloudfront
cache-control
max-age=1
access-control-allow-credentials
true
accept-ranges
none
x-amz-cf-id
6QLx_4xajKYYuPl-SK2W9McHwOzVwOB7q5lJ3BYyiKt3My87pyUYgg==
PugMaster
image6.pubmatic.com/AdServer/ Frame 38A1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54878064&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
28048a639c916e07254a215fd7415372590c87c227080bb9bf0ea721d8c48f14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Wed, 02 Aug 2023 11:49:54 GMT
content-length
2029
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 7816 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 02 Aug 2023 11:49:55 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 8970
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3834717352970909905&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3834717352970909905&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 02 Aug 2023 11:49:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
93113edc-4b3f-4b86-9873-fbece2719777
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 02 Aug 2023 11:49:55 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3834717352970909905&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
217.114.218.24; 217.114.218.24; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame A030
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7262690891818072211&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7262690891818072211&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 02 Aug 2023 11:49:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 02 Aug 2023 11:49:55 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7262690891818072211&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 5BCF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=k1hVeDC4WaZja4O8TDTQD9ly2hg&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=k1hVeDC4WaZja4O8TDTQD9ly2hg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 02 Aug 2023 11:49:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 02 Aug 2023 11:49:55 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=k1hVeDC4WaZja4O8TDTQD9ly2hg&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 0619 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 02 Aug 2023 11:49:55 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-cph2320056-CPH
x-timer
S1690976995.117490,VS0,VE95
Pug
image2.pubmatic.com/AdServer/ Frame 8701
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEcGtVN0psSVlBQUNjZGtTRHZkdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADpkU7JlIYAACcdkSDvdw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADpkU7JlIYAACcdkSDvdw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADpkU7JlIYAACcdkSDvdw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=3986590336847046134&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADpkU7JlIYAACcdkSDvdw&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADpkU7JlIYAACcdkSDvdw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 02 Aug 2023 11:49:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 02 Aug 2023 11:49:56 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADpkU7JlIYAACcdkSDvdw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
mw
mwzeom.zeotap.com/ Frame 38A1 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f0619abcbc46964-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 38A1
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:50:04 GMT
frontend-id
7
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:50:04 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 38A1
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=d260a5231f26a803d248d3371d65a5ee&gdpr=0
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=804cb39095bbdaf8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D1
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=5010584359958224364&gdpr=1
  • https://spl.zeotap.com/?zdid=1332&zcluid=804cb39095bbdaf8
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=88813a73-346f-4cef-5821-7e2d7347b981&reqId=779665fb-3a02-4480-6989-7eaccf5cd9be&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEAuWsv5aaltkSst6dNclwl0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=88813a73-346f-4cef-5821-7e2d7347b981&reqId=779665fb-3a02-4480-6989-7ea...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEAuWsv5aaltkSst6dNclwl0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=88813a73-346f-4cef-5821-7e2d7347b981&reqId=779665fb-3a02-4480-6989-7eaccf5cd9be&zcluid=804cb39095bbdaf8&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f0619b0583e6964-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEAuWsv5aaltkSst6dNclwl0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=88813a73-346f-4cef-5821-7e2d7347b981&reqId=779665fb-3a02-4480-6989-7eaccf5cd9be&zcluid=804cb39095bbdaf8&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58292/ Frame 38A1 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&redir=true&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
41AF2F61-DF1E-47AD-B75E-FCBEF85865DC
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 38A1 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/41AF2F61-DF1E-47AD-B75E-FCBEF85865DC?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:cb40:4a86:732c:5dc5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 38A1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a89279c2-b82c-4238-846a-41a30f2c2b62&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a89279c2-b82c-4238-846a-41a30f2c2b62&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=63385e41-6f73-4254-84a3-feecfd04a8fe&ssp=pubmatic&expires=30&user_group=5&bsw_param=a89279c2-b82c-4238-846a-41a30f2c2b62
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=4&user_id=63385e41-6f73-4254-84a3-feecfd04a8fe&ssp=pubmatic&expires=30&user_group=5&bsw_param=a89279c2-b82c-4238-846a-41a30f2c2b62
Protocol
H2
Server
18.196.113.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-113-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:49:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=4&user_id=63385e41-6f73-4254-84a3-feecfd04a8fe&ssp=pubmatic&expires=30&user_group=5&bsw_param=a89279c2-b82c-4238-846a-41a30f2c2b62
Date
Wed, 02 Aug 2023 11:49:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 38A1 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:55 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 38A1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8215906233994764765&gdpr=0&gdpr_consent=&us_privacy=
1 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8215906233994764765&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 02 Aug 2023 11:49:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8215906233994764765&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 02 Aug 2023 11:49:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
InterstateRegular-Bold.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 58AA 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateRegular-Bold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6578138867263583433/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d52c7c5050b088109075328a9e830e4bfdf6446c763b9e69c637d5c0e11d599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:46:16 GMT
x-content-type-options
nosniff
age
220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29232
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 12:01:16 GMT
InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 58AA 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6578138867263583433/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 11:45:54 GMT
x-content-type-options
nosniff
age
242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28596
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 12:00:54 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 58AA 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 07:40:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14989
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Aug 2023 07:40:07 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 58AA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 20:34:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 20:34:13 GMT
congstar-stoerer_gb-plus_small.svg
s0.2mdn.net/4528404/1687525202075/ Frame 58AA 		2 KB
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687525202075/congstar-stoerer_gb-plus_small.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=DxqKZwJqII&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 21:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
974
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 02 Aug 2023 21:51:36 GMT
dc_oe=ChMI3eHWlvS9gAMVxIk4Ch2WTQOIEAAYACCPzO5cQhMI-Jb_lfS9gAMVdEGkBB0iPwD-;stragg=1;&timestamp=1690976996444;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 7622 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3eHWlvS9gAMVxIk4Ch2WTQOIEAAYACCPzO5cQhMI-Jb_lfS9gAMVdEGkBB0iPwD-;stragg=1;&timestamp=1690976996444;str=nextSlide;strtype=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI3eHWlvS9gAMVxIk4Ch2WTQOIEAAYACCPzO5cQhMI-Jb_lfS9gAMVdEGkBB0iPwD-;stragg=1;&timestamp=1690976996456;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 7622 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3eHWlvS9gAMVxIk4Ch2WTQOIEAAYACCPzO5cQhMI-Jb_lfS9gAMVdEGkBB0iPwD-;stragg=1;&timestamp=1690976996456;str=nextSlide;strtype=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Aug 2023 11:49:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

386 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 function| addScriptPromise object| _0x1a15 function| _0x14cd object| googletag object| WallaTargeting string| _taboolaOS object| twttr string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist function| gtag function| ga object| _sf_async_config string| loadDataState function| smartlook boolean| isMobile undefined| showInterstitial undefined| interstitialData undefined| timestamp undefined| attempts undefined| served undefined| hourPassed undefined| url undefined| ref undefined| refFits undefined| adunit undefined| getInterstitialData object| google_tag_data object| gaplugins object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| __LOADABLE_LOADED_CHUNKS__ function| postscribe object| google_tag_manager_external object| google_tag_manager function| _ object| dmp object| permutive function| fbq function| _fbq object| ggeac object| google_js_reporting_queue function| _typeof object| TRC object| _taboola object| _tblConsole object| GooglebQhCsO object| _0xbf5f function| _0x3e21 object| _vadHb object| vadprebidChunk object| vadprebid object| _pbjsGlobals object| ADAGIO object| _cbm string| GoogleAnalyticsObject object| gaGlobal object| gaData object| google_conversion_id object| google_custom_params object| google_remarketing_only object| adoric object| __twttrll object| __twttr object| regeneratorRuntime string| __strip_step__ boolean| WallaA11 string| pm_pgtp undefined| msg undefined| google_measure_js_timing function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| __adoric__ boolean| IS_ADORIC_LOADED object| Criteo number| google_unique_id function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id string| trc_item_url object| TRCImpl function| PlayerSdk object| WallaPlayerApi boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| webpackChunk_smartlook_recorder object| ox_esp object| signal_decrypted function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 function| setImmediate function| clearImmediate object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_139 object| Criteo_identitytag_139 object| __uid2SecureSignalProvider object| __uid2 object| pbjs object| _33across object| _pmk function| TBWidgetFacebook function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| pi object| _pm_mcg object| image object| sas object| apntag object| _ADAGIO number| google_global_correlator object| GoogleGcLKhOms number| taboola_view_id object| closure_lm_513876 object| a object| sw_consent object| owpbjsChunk object| owpbjs object| PWT string| nam object| placementData object| google_image_requests object| tbopt object| cmTag object| _cm_wfCounters object| ONFOCUS object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

84 Cookies

Domain/Path Name / Value
.walla.co.il/ Name: _cb
Value: Dj5g6eDO0eCdBTNNv1
.walla.co.il/ Name: _chartbeat2
Value: .1690976986891.1690976986891.1.UcPd8DjhC7vBEVtTKBi0y7TEawSj.1
.walla.co.il/ Name: _cb_svref
Value: null
.walla.co.il/ Name: _gcl_au
Value: 1.1.1150359355.1690976987
.walla.co.il/ Name: _t_tests
Value: eyJnbUVhYzZOY0RsQjNhIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJEdGtDUEoiXX0sIjVrTDJnaDVqQWZhSEkiOnsiY2hvc2VuVmFyaWFudCI6IkEiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkJaS0h5QSJdfSwiQzZJdkNVclVRMElGSSI6eyJjaG9zZW5WYXJpYW50IjoiQSIsInNwZWNpZmljTG9jYXRpb24iOlsiRFFuaXI2Il19LCJGb0ZIb01jam9SMEtsIjp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJEYU1fcXYiLCJ0bXVfdSJdfSwiaU03S055bjlhUkdkbSI6eyJjaG9zZW5WYXJpYW50IjoiQiIsInNwZWNpZmljTG9jYXRpb24iOlsiRGdTV192Il19LCJlSmJIbU5uTnMyMEdDIjp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJER09pdkQiXX0sIkIydWs1aUY4MjV3c2IiOnsiY2hvc2VuVmFyaWFudCI6IkIiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkJiTzN4MyJdfSwiMDFyYXNMTFlsdGtDeiI6eyJjaG9zZW5WYXJpYW50IjoiQSIsInNwZWNpZmljTG9jYXRpb24iOlsiQ1ZYSEtTIl19LCJUWkhOUzlWbzFwMzU2Ijp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJxX1NuRCJdfSwiTlNjem5vM3JCWHFZVSI6eyJjaG9zZW5WYXJpYW50IjoiQSIsInNwZWNpZmljTG9jYXRpb24iOlsibzlFdjciXX0sIk1CV2V2cjZaZlVyWFAiOnsiY2hvc2VuVmFyaWFudCI6IkEiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIi0yMmVoIl19LCJTOWhwZkRqZEN0dFlEIjp7ImNob3NlblZhcmlhbnQiOiJDIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJCUExoX1MiXX0sImV3emxDZ2VCTTFWRkIiOnsiY2hvc2VuVmFyaWFudCI6IkEiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkJHQ25MZyJdfSwiS0JwanhpMlZUbzlmcCI6eyJjaG9zZW5WYXJpYW50IjoiQyIsInNwZWNpZmljTG9jYXRpb24iOlsiQ0hMcjBKIl19LCJWTWg2NDZBS0EyYW5OIjp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJEXzNuX1kiXX0sInp0bWsyZmU4cnhLV2YiOnsiY2hvc2VuVmFyaWFudCI6IkEiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkI1SE5reSIsIkNUbnRUUSJdfSwibW9iYXRKQXZmVGhwdiI6eyJjaG9zZW5WYXJpYW50IjoiQSIsInNwZWNpZmljTG9jYXRpb24iOlsiQmtxS28tIl19LCJsaWZ0X2V4cCI6Im0ifQ==
.walla.co.il/ Name: _gid
Value: GA1.3.1300387108.1690976987
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
www.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://www.walla.co.il
.walla.co.il/ Name: _ga_RYD7X7E8VN
Value: GS1.1.1690976987.1.0.1690976987.0.0.0
.walla.co.il/ Name: _ga_TSQY5YTYZ0
Value: GS1.1.1690976987.1.0.1690976987.0.0.0
.walla.co.il/ Name: vad-loc-code
Value: de
www.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.doubleclick.net/ Name: IDE
Value: AHWqTUns6b4vo9M8HOFVKJToEL7UYkW-KSwAFyIJyy6G2TuyZYvz3SlZGAprOT5Y
.walla.co.il/ Name: _fbp
Value: fb.2.1690976988096.1681039165
.walla.co.il/ Name: _ga
Value: GA1.3.2119126147.1690976987
.walla.co.il/ Name: lotame_domain_check
Value: walla.co.il
.dxmdp.com/ Name: dmpid
Value: 84eda7d2-9d81-4d9f-96df-9397808caca0
.criteo.com/ Name: uid
Value: c076a92c-50ef-40a1-9228-32e6df77ce66
.adnxs.com/ Name: icu
Value: ChgIgKNkEAoYASABKAEw3IWppgY4AUABSAEQ3IWppgYYAA..
.adnxs.com/ Name: uuid2
Value: 3834717352970909905
.walla.co.il/ Name: __gads
Value: ID=d3a3a5791364b0b2:T=1690976988:RT=1690976988:S=ALNI_MZPLojV7kc2FRD0p4dg4SG5AVAiXg
.walla.co.il/ Name: __gpi
Value: UID=00000c754fd627ea:T=1690976988:RT=1690976988:S=ALNI_MZvbOflay9kZEjQnyU2LPH3g2QtPg
.openx.net/ Name: i
Value: d45391e2-70d6-4ea8-8ea5-0c3d26a9a32c|1690976988
.rubiconproject.com/ Name: khaos
Value: LKTO1EIA-1D-MEKS
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qr9SJxs+yxW2LU1ZxogGjlwOA+xFj1I9sfQKCb/4IkTDoTz3Ts+mZ40uOYdOTdJHhkjwJGYVf1/R+BxGCOXoSK1/sl3J0mLRJa+xUA9sgf/4b7FQD2yB//h
.dxmdp.com/ Name: audids
Value:
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 537b61ae-e392-52d6-ba3c-23fedef66123
.betweendigital.com/ Name: ss
Value: 1
.doubleclick.net/ Name: APC
Value: Aa3gxNomluWDhDIl1S9s8XGCjRr86_BMPxz1XkZjaS-_2Z419JSx4w
.betweendigital.com/ Name: ut
Value: ZMpC3QAEdKDxQp5cqyiiJXOYrDeq7M4j6gJEvQ==
www.walla.co.il/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D40abb326-6c0d-40b6-a0ad-5d4b31d68375-tuctbc3c85c
.turn.com/ Name: uid
Value: 8215906233994764765
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7a457ebd-a963-49c3-b5a4-cd7d6143fdff-003%22%7D
.casalemedia.com/ Name: CMID
Value: ZMpC3hY46L.Ts4Y28pudWQAA
.casalemedia.com/ Name: CMPS
Value: 3192
.casalemedia.com/ Name: CMPRO
Value: 3192
.blismedia.com/ Name: b
Value: 64CA42DEBAECBEB5BDA10DA3BLIS
.lijit.com/ Name: ljt_reader
Value: HFVlsGZHfXGRSmJESuGNAQTf
.simpli.fi/ Name: suid
Value: 2A7AD850A6354339B09C1E152051765E
.vtracy.de/ Name: tr_id
Value: vi-46f09c89-5108-422a-a22a-56e63a3da50e
.vtracy.de/ Name: tr_dt
Value: 2023-08-02+13%3A49%3A50
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 41AF2F61-DF1E-47AD-B75E-FCBEF85865DC
.yahoo.com/ Name: A3
Value: d=AQABBN5CymQCEIf_1QodnywYQRPa9Jnq3gQFEgEBAQGUy2TUZAAAAAAA_eMAAA&S=AQAAAhE8zS0cSI09ABzHa576R0w
.mathtag.com/ Name: mt_mop
Value: 4:1690976991
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZMpC3gAFfLfQAABY
.tribalfusion.com/ Name: ANON_ID
Value: a8ntuJw5EGiAaINQfTsPWZc6QMoLaQbDDx6PZabZapWYZbUc3tTXGnmUop9EJmuN5wgZdZaT1RI2PF5XPdP0REoFK9IG4P
.walla.co.il/ Name: cto_bundle
Value: 8EMuOF9sd0E3MFptMUZ3aGR2NEFxYTFNeVd1NjNtMyUyRm9aQnVaaUQ3ZkVvVFljWmRVSXZzckp4eDBHdjFiQXNmNnRyZ0NiQ2xWWENlQWpOVlN1NkxNQURQMUtBdVFoQkxnYWE5SVlUT2pZcGFOTHVQTk41YyUyRllzRmZtUXBxRTNGMmUlMkJURHBWUGZ4dko3Q0Vrb0IlMkJLT3M2dUJDUSUzRCUzRA
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: DPSync3
Value: 1692144000%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1692144000%3A13_54_161_56_46_251_220_21_8%7C1692230400%3A35
.quantserve.com/ Name: mc
Value: 64ca42e0-08684-b5877-f26a9
.weborama.fr/ Name: AFFICHE_W
Value: 0zgUKfLAVjDT67
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EJUBEgHOKfijC_vLEA
.de17a.com/ Name: guid
Value: 1.6787409872298853058
.adform.net/ Name: uid
Value: 5010584359958224364
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlgaW5maWlkaGgIAG-1tXMQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjGxNDU0MLYwMhHiM9QNcDHzMPELd_YIz8sDAJ7hIHclAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjGxNDU0MLYwMhHiM9QNcDHzMPELd_YIz8sDAJ7hIHclAAAA
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEOoxkNRQfetjY9h4Sm67Ca8&KRTB&23025-CAESEOoxkNRQfetjY9h4Sm67Ca8&KRTB&23386-CAESEOoxkNRQfetjY9h4Sm67Ca8
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-kevu25Pt6IqK77WMn-ug2JLnuo2Kub-MxuadYzew&KRTB&19420-kevu25Pt6IqK77WMn-ug2JLnuo2Kub-MxuadYzew&KRTB&22979-kevu25Pt6IqK77WMn-ug2JLnuo2Kub-MxuadYzew&KRTB&23403-kevu25Pt6IqK77WMn-ug2JLnuo2Kub-MxuadYzew
.w55c.net/ Name: wfivefivec
Value: U91oU8B11Qrams5
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5142336724495103824
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7a457ebd-a963-49c3-b5a4-cd7d6143fdff-003%22%2C%22nxtrdr%22%3Afalse%2C%22zdxidn%22%3A%222069.66%22%7D
.w55c.net/ Name: matchcasale
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5010584359958224364&KRTB&23263-5010584359958224364&KRTB&23481-5010584359958224364
.pubmatic.com/ Name: PugT
Value: 1690976992
.brand-display.com/ Name: _knxq_
Value: c33cc91b-fd30-36d8-9001da4b.1690976992.0.1690976992.1690976992
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.creativecdn.com/ Name: u
Value: ev6oEwxfWd7YTbNoLO5b
.creativecdn.com/ Name: ts
Value: 1690976992
.audrte.com/ Name: arcki2
Value: 9dh27WHncSwSFOhuw70Ta2TwQ!20220908!1690976992416!ip#217.114.218.24
.audrte.com/ Name: arcki2_pubmatic
Value: 41AF2F61-DF1E-47AD-B75E-FCBEF85865DC!20220908!1690976992418
.smilewanted.com/ Name: sw_user_params_infos
Value: P6xR736plr0Y8JOQ5T%2FbrFtzCxnjzLde7cVfbni%2BucJ7qqoKnmeRLY%2BBUSQTmbVIK1MKwa2KMihqwcuttfclQWJZSVSEM8hBoNTWjjz%2BH01M4pLuYJn%2BfurVJPB6gRW7Xe5Vf57gfITfqqr110JIJaU7qL9C25MMz%2BNAJzmUJPtiycFfsUZithnq9CcTKR6Qihah2d%2B1dQ1U%2BpqND3aHSrZpsHqdb8iIYzd4eNgggDcunCMtFgeT6Pf%2BPcO4brkDpVOYtbUHwcr7rpm%2BHWY0Oe%2BRswiQZhC8EH7Z91g%2BqbV8zzym1UzEFaLEfhs%2Bl7xIHHe8khQp9GjNqNCkUHWt8RHc%2FN0xakwtAMRcEI8yUR58sTMsQNAiNpfHonkKdlD6
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2GUdvuLC)!A#Ed.TOKKnyW<U1`VROYQM-:DsA:]AF<>aVFFAh>oNiNaa#NV^08]Wjx7K5/X%W#.wLP<6FISa`*%l8h01fNR!ybuSvPNj)DWPq?gWi.RB'=`i^xG@=N%^Z-cHSx3nXm/!7HEFG(j89
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiJjNjc4MDIxM2ZiYTRlYWY5M2Q1OGMzYTIwZjNiZjU4MSIsImV4cGlyZXMiOiIyMDIzLTEwLTMxVDExOjQ5OjUyWiJ9fSwiYmlydGhkYXkiOiIyMDIzLTA4LTAyVDExOjQ5OjUyWiJ9
.audrte.com/ Name: arcki2_ddp2
Value: 9dh27WHncSwSFOhuw70Ta2TwQ!20220908!1690976992579
.amazon-adsystem.com/ Name: ad-id
Value: A8M1wVYJ50y9pAvxARfrvoQ
.audrte.com/ Name: arcki2_adform
Value: 5010584359958224364!20220908!1690976992737
.pubmatic.com/ Name: SPugT
Value: 1690976993
.ads.pubmatic.com/ Name: KCCH
Value: YES

3 Console Messages

Source Level URL
Text
network error URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2023-08-02
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=41AF2F61-DF1E-47AD-B75E-FCBEF85865DC&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6787409872298853058
Message:
Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12890047.adoric-om.com
1fdf44aa92c382f32e15c6e0bb845c80.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ade.googlesyndication.com
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
ajax.googleapis.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
amg01742-walla-wallanews-ono-btlna.amagi.tv
ap.lijit.com
app.adoric-om.com
bcp.crwdcntrl.net
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
bs.yandex.ru
c1.adform.net
cdn-ima.33across.com
cdn-uw2-prod.tsv2.amagi.tv
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.permutive.com
cdn.prod.uidapi.com
cdn.taboola.com
cdn.valuad.cloud
cds.taboola.com
cf.dxmcdn.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cr.frontend.weborama.fr
creativecdn.com
csi.gstatic.com
csync.smilewanted.com
d2r08ja41ypc0t.cloudfront.net
d5p.de17a.com
dal.walla.co.il
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
event.dxmdp.com
fastlane.rubiconproject.com
gcdn.2mdn.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.taboola.com
images.wcdn.co.il
imasdk.googleapis.com
imprammp.taboola.com
invstatic101.creativecdn.com
js-sec.indexww.com
loada.exelator.com
mab.chartbeat.com
mabping.chartbeat.net
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel.onaudience.com
pixel.rubiconproject.com
pixelgroup-d.openx.net
platform.twitter.com
pm-widget.taboola.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.smilewanted.com
prg.smartadserver.com
pro.ip-api.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
r.turn.com
r1---sn-4g5edns6.c.2mdn.net
red.vtracy.de
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.adoric.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
tags.crwdcntrl.net
tags.dxmdp.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
vidstat.taboola.com
web-sdk.smartlook.com
web.hb.ad.cpe.dotomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.walla.co.il
x.bidswitch.net
104.102.35.84
104.18.11.47
104.18.24.112
104.18.24.185
104.19.150.54
104.22.69.131
104.244.42.72
13.224.189.75
13.227.219.86
13.227.219.97
13.248.245.213
138.201.8.249
141.226.224.32
141.226.228.48
142.250.185.226
142.250.186.130
142.250.186.66
142.250.186.98
146.59.148.16
151.101.129.44
151.101.130.49
151.101.193.108
162.19.138.119
178.250.1.9
178.250.7.13
18.195.32.10
18.196.113.49
18.198.69.109
18.66.97.111
185.184.8.90
185.255.84.151
185.29.132.241
185.64.189.112
185.64.190.78
185.64.191.210
185.80.39.216
185.86.138.151
185.86.138.155
185.89.211.84
188.42.191.196
193.0.160.131
198.47.127.20
198.47.127.205
2.16.202.99
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
205.185.216.42
208.93.169.131
209.54.182.161
213.155.156.166
216.52.2.86
23.213.164.238
2600:9000:2057:1a00:18:1fcd:353:c61
2600:9000:2057:aa00:4:1c73:c740:93a1
2600:9000:2057:c000:a:e047:753:be1
2600:9000:20eb:c800:11:da61:a100:93a1
2602:803:c003:200::44
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1857
2606:4700:10::ac43:266a
2606:4700:20::ac43:4bf1
2606:4700::6810:5514
2606:4700::6812:19ad
2606:4700::6812:272
2607:f8b0:4001:c61::78
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:6d::6
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::200e
2a00:1450:4001:827::2014
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c02::9d
2a02:2638:3::3
2a02:2638:d::a
2a02:2638:d::d
2a02:6b8::90
2a02:6ea0:c700::19
2a02:fa8:8806:20::2010
2a02:fa8:8806:20::2100
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::714
2a04:4e42::300
2a05:d018:d29:3605:cb40:4a86:732c:5dc5
2a06:98c1:3120::3
3.122.126.194
3.124.112.76
3.68.130.198
3.71.149.231
34.102.146.192
34.111.129.221
34.111.131.239
34.111.151.213
34.120.135.53
34.120.218.58
34.149.20.76
34.160.198.118
34.96.105.8
34.96.70.87
35.190.39.111
35.204.158.49
35.227.252.103
35.244.159.8
37.157.6.233
46.228.174.117
5.135.209.97
51.77.64.70
51.89.9.251
52.21.223.114
52.212.242.190
52.223.40.198
52.49.50.175
52.58.63.153
52.71.47.12
52.94.222.140
54.172.28.235
54.224.144.126
54.74.76.239
63.34.78.10
65.9.66.68
67.202.105.24
69.173.144.138
69.173.144.139
74.125.206.157
77.243.51.121
8.2.110.114
85.114.159.118
95.101.149.233
99.86.4.49
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
0050922084fccb60b02397abadcb0cf88929765f12c2d817c5f675b935bcd196
0266f1413b772dfa298d717f940a6a36ba5fc069c6bb2d19fcae93ee15d773fd
026a089688456c68238f86bbf1abbbe0d80a547711220a147b529dbc91d2a730
02b9a34773ec700d23a92657536ca41b37bdd6012f2604ed935ebc25b5cbccd0
04af9b5f5e7d4140b6b8e4610c0f93714093f9f7bfe6df57766f70a4caf8c80d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
09647504671a7ef9bb925c74c26e6be969edc1ded8ef8a94aa4b1ab1cdfc60af
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be100794564bd3b902d1ab407bb9662940060c057c7669eb03bb1cbd69db8f8
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0c2dc4c75f65029c557cd0f5e0ceefbb5152a2fe91b81a7e32de1107f91a05f3
0ca578004c17a038ab0b78306e6bf07a05fd2f4617cd4d2c9b774ef09b796a1e
0cbdcc7e5bc4af4fa7963965c349288c941fddde011311ab6e16a70a98df7dc4
0df359c453dcc2f746597f52d28a7c6166aaf0cda018960a79643e8526de141b
0f7d8517a9252b589b6d574954c9c7a74539894b8a87b9e31e4d2e0cb8d4dfa3
1083d32b6bd31c5bb8b662eb0bd3840484d66a62b699da6acd56b83f7ba05a5a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13c880788c665edaa8d59fcae64edadba378c13bcdeb0860d835f4faeb0a83c4
15288727a5b8d5400bad2146718c4e7900437d89971e8920028a6a1d9ec3255d
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
173c5232fc94635df462181cf6ffeeaecc0ce9604a65d33e64ecf1e28543d8f8
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188aae7cbef4f04bc49f96b816c3ca8e442f9c649d0318906ac30439706a3552
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
1bff8594649b1033f7a86bd894b3f760d65a0e4759164d8d92d0ef8387c91b1f
1c01134c8fb953c6e6f93a4692d6384c5f372c3eac2d9fd95a991bd37f1d8a46
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1ecf4282b8bf7972fef393a13e12bf34447d1020801384e2ce514e7013b0e653
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20eefda5e8fdfa079f96d95aa209ad655ec7025054be4c5d5157d9873e2cc29e
233ea4a6b15a4c0190686852b27706807fe2fec270d3c9f3e8167d4dddaa0250
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e
24011b4c797fe6c785e814b4ca1ab08109552ab9defeaae981e06163eb196bb2
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
259370cf0a380366a96e31df0d482d4d7c5d59f52788c3e4db0119493c8e50cb
27a269fad52fb81fccb25485bf480f6d8bbbc641bdcdcf8cb1a77ec7677fda18
28048a639c916e07254a215fd7415372590c87c227080bb9bf0ea721d8c48f14
284a7c8583cb60bb8fc9d3d599f916c1634ece2b93f135777a490359fda2018f
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
292b06419875f9f4692ad49d65f451e150df458443785d416e853a89e4c7ad5e
29f35c2c30f76a8a6cf5f079cef45f6316b5fefc26da8c1e128c49f537e50988
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dda23d88c847231d28401a1418c049d4b3bc3c136a958ffaaf2a19602a5db29
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
301bf90c72cd880946376981a30c087ebfdb02bf1a96780e311b7c48a0ed03a2
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
308162ab6182eb0cfc70a372cf450a31cb07c86c2a4a53650e7c9e4784f56330
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
31f4c5a62160b5b5551d04087e5b4d28a320414b826e210c82030e179badfcfd
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33a6bceccdad3831c446c41d3f3eccf4753b5646b9205cda82960bb4dcd2249a
3499b57abade421fe89bc1736b5161b643ed4b1e1f5819a8d07d9627a392cd86
359771d066a0d128f3cd23649852281933721b7af09cd672b096fbdc6fae98b2
37c2275346a926539fe51e964a5825e79bdcff0b0f53f55c9681dab96e69be49
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b6a9f2ffcdb9f912a7aedfcd1a86a159a38f7f592edec6f6d2623b079d94c5e
3bdc3d1c49a5861451ccc309d7bc2510c30463ca0a32471b4d988274b391d5a8
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034
3d51281c48855e72491ac211f85647013e608b1eadd4033f235d26f7ef38a6b5
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7
41dbddff878f15fcd19149ebcf4606b69a80c42a080699e84e48eaf143dcc3f8
41fcd7abe2a8f24a5e8c058cd6b04475172bbe622b4150b22a9861c8917536a5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443343d25e80e7e80b0ed2f16bb6aeab2fa933b1ec58470234ef3505eb56e73e
4487a470b5b991aee82f852d6038c563fdf8e33f931870d00613828cca7aa619
44eeb4568b704c0f0a9909aed03ad7458799c0face22b0b8d1333ce5cbd5cfed
45b7902783ce43139eabd352b624b5e927de7a034d180f37be25ef9652661612
461115fd9b3f8467130edbf4925cec1642e5a618edfce50a4822472d066991ed
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d23daa0a57a967ac07f516491d96b833bf2b56152dd035e85cb8ba89716bf0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4a7566220ac6c6f3e1d4f43b8ac29b69af130a100457fba72b0d540c867fc6dd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4db5d5660210b1bc58a19565f20f97404656f988862ee06b4e3578c5a3b8085b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
52d4d3b3926d9a304dbf75982d78cb25f5242c4a2e87906724f0db762d87ff01
52ee32b27f94df028a6aee40831f88de1a49ebaeaacf58f69f7188f85b7bdfa3
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd
589df44fa16ed9d7d62f3531245ecad8890ed1f7847b24e72ec76093165ddc88
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
592ff5bb81903b6900629d20850bb581c798f526b07011734a546ef7ba4631f1
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086
5e5278ced9ec4bd5255603ee5dabfd6f7100ef1aea082e72bf11cecadb2bf6d2
5fe4e4cc0eea4ffb607d0fa93af2d37504a7278361eb212e7a58c870c466dd8b
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623fc8e358a6564dcebbe993a5feb5f624eddc9385997761e2fbcf7caf06732b
62db05cbc08f8a152afa78e6c309221aac46be5a9927d700dc5dcd79b694af7d
644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
64e07ecaecc267e1549ba93f92ac4c1220bb2f4b14919a02bce60e8dcdcaad66
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6871e1e6f366d0b46b9cc9beceaa98d41f0915196224700fcc5ca8a5006a330b
69ccee7561324d62b56186f49876111b90537a9024fb41bc662c9ef11166fd34
6a6ed8fb7eb7237c120e697c7ad190ebcf04ad1f286ae4e09cc4bfd7eb063ff7
6b80bbf7ae265b520fa60847fdfd3e9f8099a99a37941b27ea673f65f024f459
6d7450d9086a4837270fcc85baa255570d4c60dbbd9288bc64aa5aa2ff04c059
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23
6e02dd34b1017ee295f27243e309b54b618988cb0788bcc3acf49824b0ed6175
6e280428a44bc882ae26b470a2db85b137a53cbc4dbc44e29f83b813f66cb22c
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
6fea3890606d1f2885c18e3675b18d1219297ee5cdc16847d9a66598b88fcf8b
701511a8f659a2d9900ee663be0d19caa776005208107690d1f43ce6d8bd870e
7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf
73f1fabecfcc042f6fae535add4ebef47bc1ce579375f2374f4ddfbb1ca4f673
746bb444475aa2dba95fb69b420eb29963236e3bb8d4a1f2618250f0ef8d398b
756a483dfdd4d21d23a86759cfd47637f199493892c554fe3827e21ce7b53c1d
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
795a830b0b31bbb525291b12e54586cc1a04986b913e6354a10cf03a17189e2d
7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836ce6018f856937e51e563812cfe6157d51c351756209a70e918925c0ec7bb7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
861ac263132d0b6dff10b6b5a7c51c290e45f257bb628c92016f5a0790543516
893b8c01f38f7d5ba1525463505f7c6301efdf0cd7489f1e5d35e89553cb3799
8a52b24971743a95b1653a9e971dc63dc76973ff2aba3e1f19fad2b440d9b1a9
8a617d5238d3f9c742fe845ee5a9821bcb8f741d3dac12ad327dd86907822a8a
8ac4d31233baa94433f305d393674f22af5cca5e2f4c7b555c06d602135bcd13
8b929999ca3ae00acd708904b7d18257d6454d641777c670ad7f7a4e4f3d8c25
8ca6863d16ef1aab9af8b4982cf5ac4cd13952cab01ef684ec9db53a62f1d981
8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db8c284e5e2466a013f497b5b1ecee8adc2977abd9e4087e8fb67743c8c86cf
8f342b37e775567bee8dd3fb781154db5f4a1ade6130a46b85188876ded56531
8f64ba588cf6d908d3aa14724b4e34ccce4e6d6eb29e5767839659b766e11981
8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e
8ff0571e454b75517b28b02b1749dbcafa80d1cf6c4786c8fc45ee6f3fd13bcc
9117bb06a9e660dd06c258479ab33e8471275667432fe5c5349e6f2e68b0e673
91db1e1d3a016da0ff257d8d7d5a83137152fdb169ba28ba9f5cbf60f2381fe9
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98170f42a67dfc5eaba4006c5070ceb7898869e05dd4e99c4b79607ca44c5cd2
9966325185672707cb236f7080ded8154b0d073f9fb42b90f4e39009f2973e88
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d52c7c5050b088109075328a9e830e4bfdf6446c763b9e69c637d5c0e11d599
9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f
9efc937921f32143bb9ff6026a84610dde3909d749563deb3ff75a7219a21f91
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa
a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b
a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a59afcb6bf5166e0e0687c864e8e8141c61560e5ed467cd217c450c1cb459845
a5b1a7254329f61b1a5354c14196b416544a5cf81d317850d0101386df23fb2e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a809e97013b56c1fcf48f4c59d3bd5ed1c40aced0212a4eb1f463ba0788cc1db
a8441b850c7e2bfa72c090b01c2468fadb48dd4a71e97ae7b2f26f9ca238ae36
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336
aa22a483fca0acfc570c09a9f9a61f1610a8f0afa9843924e05f1871e499f781
ab994d90fb6b4e3841442d2a52de882b13b872c9f09c7765a55319aca262a71c
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad9dc28caa0fca7a160f2f4c9907725629603a32a137934e5cdcc2652323f637
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afe8eb324ec4e60aa70cad58ceeb9630c7d7fb27d1e367c1bbb4338a9bb2fb33
b034ecd1482f554009ac75629be1b505f2ec7a0e9b5d8d69ccfcbd03b11d9606
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b4b9e3c6649d7edbc5429ccd5dac23804ae4b00f962f2bc3e799b6a0304a2c
b3eac0550b379114427c1361eccd17319ca02132838d4f93b2d39666c2ba53a4
b4bfea87f3fe4c0b0a5d33c60faa33b58eca3268bd26fd58cd300bef6f0833ae
b5c00549ffea334564e92da54007efda3b15638bd64babde024b439891e1165b
b62a89701f26ec1da28a7957e9dbdf26c5151089025c31795f9534a0ea878600
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817
b8394c49ee89ce9f45ce2ea337f1a86ff36a488bc7c97e0bafc9913a5dd10e37
b83f885e4b5c5702a89c7ab944f16e40f1a59b33157baa872196124d128e68cd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbf48c7d5cd81b2a68a89d00e0adba17b74f3c1eeeac398f24f7f63a9f27368b
bcb119f96a9e5068c249668908f679d111bbde0867559eb59673e5e2a0340dd5
bcf7bc5e84340b80fb05a2240efc79e4325d8cd4372b865a3ab35f0e4343c14d
bdd296ab322e7c6544b26dfaa32a80f974e3c1f574924c160a01e5ea6d4a771f
bdfaf1494e9dc2a16a30af1a81a6c3bf6c35af2493044377b7e3d28861ddb49d
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c389d207da73b5d7be9fa49df70526c5dbf2d1063ba29341d76569b7505ef82b
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
c42eec61276b3b65bb70f1383f73437e43de68f57a5bacac54409cb95ad09111
c67ae0b8f661c79b1bc63451bfff95d124641bd0102459cf39b28f4e5400d5f1
c7e3e2281e670435dd46492437a30bcf0c59368d824ac1aa591571d35c81d88b
c877d16fba023f3bd02c5a3a27a9e70886fab643d424a2e5ff2707f6b545f78b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c99ff58c3dc4deb821c87dc9c45aed4af66541ceb1b0f62ec208114ffc37dbf4
ca372f1d4ced7e2a37e83eb5b880159ba569a4fbf613b9cc2894a6c8726c13f6
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cc6edb8c4cd1b734aa8792ff58881ffe0ef9c71ebea0ce2434febd071224b707
cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9
cd761999e95a96d74a3853a66f59b6c360d58e26f46d5bd382ba0660246e2832
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
d069c59a0c6560c826434ce5ae6084e3fbe9b00e4cfa15b8cd0b52fb5729e3a1
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d182f478bc4a639270ddb0e6eca77f38efe03edd4162395bfdf6a5441f19fc6e
d5c2f46f6fa1c65285c59762ea527a94eae3baa7e84969e11dcc2b8000bc79dd
d5cd01e2ad16f34488c095f6c25f3c891c6a29419368f96fba0b28cab42789f8
d602ef42deb77f6a8ba9c57b5635bfb211ce49f19f1b5700baa6d434a5a9742d
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb
d81e26c91ec4bba312b39dc1eb8c1b7c09a4e5d1430b09f96fcab55002662bd1
d845af1f0c23a4d6e415a829ee32ecd3b051e1b9539970687046dd38ae78c98d
d8bc4ce6c78f9cd603252404512ad07fc23c89a15c7a6dc0d049f2b431aa23c6
d8df52b241467596315f4089dd46ce5cb7432aa39f10fd7fb913fa74a8e200f5
db2c529bd81e24285880e7644c808ece637a5e7d2ad1f757e87b131536890bf7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6cd2ebe2b44ff08a6c8b7c126c46911b5b52400247fdeffc8814ab21669343
e22dac599cac42d62e365402826c06ff27c951788330b14a07046b0828598666
e253c035ba9ec55d5b9463864759e9b4519d5d24e2b3ed1f0b09199e662dbceb
e2bd61e16123fb9afc53c76006634fa509a1a41547523f66f07e562e72926efb
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3a62ce28a6b2342ee3b1cb6af4c227da5774fe49d128fbc5f471eb845e10b46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e422901370f2b04ac1984fe73e0b31bf8a8e5d3264aab45e45586e3818657e5a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6d6defa67b3b89cb20b719ccc49bf489ab3fc19a0426620b55d513859c5acca
e728fe40da58cadf21a03d28ed7d43ccc98bc825c608596883052911b570476c
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e95eb0ba4673316cb69bd8c40117241231ed026963e9cb5bd3b877308f8d8763
eac5e525a8d45ece425cf093c119ef849bed34c925860a53c9120ac544bb6190
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ebbe84e55b388c782babbc38e8460a1841ee9fe7d9f871bcc1002476c395c119
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef39d0d27b499b0fe070bd0961dbd9ca1aeb0ada339c62fe14dc65177d4c3f96
ef9f4e5595c87f7bab17859c9e649bc27a66aae8e407d0c72b179a336f6be282
f0b06901c61425209523bc5929df4871248ce6d83bba4d9052917f8b3b586a72
f2448fbc7bf766266d8b9053417d658c80147317e470c85cfab33de5970a7df0
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0
f42ab8c066e4920fe750d485cae44e623efa7d824b48f8b56128be8edec7adf2
f6473010cd957f90c8cd325638af7ca00d5fc3375d74dff6df8b99df4b7eb3b9
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fad60f8f97110470e488bdd7537487da13e8064a84df56ad9d98769b839f9778
fba5c7d3750000b669c9c3bd2d7fa3bd1eb6a1dc564a9752c4116ad0f7562c1b
fbdd8e926fe49830d07f3459d33fb838cf15d4e902ce088ccf8510305cb01ec8
fc42a5746ed064ac32f39cfd040b703f65e1c6a31276289a41995e45c87d4ad0
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb
ff1c52f99eac10c8308421f138f6220b2efb8dbb3627e48a694a0d49170fff3b